Vulnerabilities

Critical Authentication Flaw Haunts GitHub Enterprise Server

Critical Authentication Flaw Haunts GitHub Enterprise Server 2024-08-21 at 20:01 By Ryan Naraine GitHub patches a trio of security defects in the GitHub Enterprise Server product and recommends urgent patching for corporate users. The post Critical Authentication Flaw Haunts GitHub Enterprise Server appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed […]

Google Play Bug Bounty Program Shutting Down

Google Play Bug Bounty Program Shutting Down 2024-08-21 at 18:01 By Eduard Kovacs Google is shutting down its Google Play Security Reward Program (GPSRP) after determining that it has achieved its goal. The post Google Play Bug Bounty Program Shutting Down appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

Why LinkedIn Developed Its Own AI-Powered Security Platform

Why LinkedIn Developed Its Own AI-Powered Security Platform 2024-08-21 at 18:01 By Kevin Townsend An inside look at how LinkedIn developed an internal AI-assisted vulnerability management system to protect its massive infrastructure and user base. The post Why LinkedIn Developed Its Own AI-Powered Security Platform appeared first on SecurityWeek. This article is an excerpt from

Major Backdoor in Millions of RFID Cards Allows Instant Cloning

Major Backdoor in Millions of RFID Cards Allows Instant Cloning 2024-08-20 at 21:31 By Ryan Naraine Backdoor in millions of contactless cards made by Shanghai Fudan Microelectronics allows instantaneous cloning of RFID smart cards used to open office doors and hotel rooms around the world. The post Major Backdoor in Millions of RFID Cards Allows

Critical Flaw in Donation Plugin Exposed 100,000 WordPress Sites to Takeover

Critical Flaw in Donation Plugin Exposed 100,000 WordPress Sites to Takeover 2024-08-20 at 18:16 By Ionut Arghire A critical vulnerability in the GiveWP WordPress plugin could be exploited for remote code execution and arbitrary file deletion. The post Critical Flaw in Donation Plugin Exposed 100,000 WordPress Sites to Takeover appeared first on SecurityWeek. This article

Cisco, Microsoft Disagree on Severity of macOS App Vulnerabilities 

Cisco, Microsoft Disagree on Severity of macOS App Vulnerabilities 2024-08-20 at 15:31 By Ionut Arghire Multiple vulnerabilities in Microsoft applications for macOS could be exploited to send emails, leak sensitive information, and escalate privileges. The post Cisco, Microsoft Disagree on Severity of macOS App Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from

How Exceptional CISOs Are Igniting the Security Fire in Their Development Team

How Exceptional CISOs Are Igniting the Security Fire in Their Development Team 2024-08-20 at 14:16 By Matias Madou For years, many CISOs have struggled to influence their development cohort on the importance of putting security first. The post How Exceptional CISOs Are Igniting the Security Fire in Their Development Team appeared first on SecurityWeek. This

F5 Patches High-Severity Vulnerabilities in BIG-IP, NGINX Plus

F5 Patches High-Severity Vulnerabilities in BIG-IP, NGINX Plus 2024-08-20 at 14:16 By Ionut Arghire F5’s latest quarterly security notification includes nine advisories, including four for high-severity vulnerabilities in BIG-IP and NGINX Plus. The post F5 Patches High-Severity Vulnerabilities in BIG-IP, NGINX Plus appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

Deep Dive and Simulation of a MariaDB RCE Attack: CVE-2021-27928

Deep Dive and Simulation of a MariaDB RCE Attack: CVE-2021-27928 2024-08-16 at 16:02 By Karl Biron In early 2021, a new vulnerability, identified as CVE-2021-27928, was discovered and published. It affects multiple versions of the open-source relational database management systems (RDBMS) MariaDB and Percona Server, and the wsrep (write set replication) plugin for MySQL. Fortunately, security

Copy2Pwn Zero-Day Exploited to Bypass Windows Protections

Copy2Pwn Zero-Day Exploited to Bypass Windows Protections 2024-08-16 at 13:17 By Eduard Kovacs ZDI details a zero-day named Copy2Pwn and tracked as CVE-2024-38213, which cybercriminals exploited to bypass MotW protections in Windows. The post Copy2Pwn Zero-Day Exploited to Bypass Windows Protections appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

SolarWinds Web Help Desk Vulnerability Possibly Exploited as Zero-Day

SolarWinds Web Help Desk Vulnerability Possibly Exploited as Zero-Day 2024-08-16 at 13:17 By Ionut Arghire The US cybersecurity agency CISA warns that a recent SolarWinds Web Help Desk vulnerability has been exploited in the wild. The post SolarWinds Web Help Desk Vulnerability Possibly Exploited as Zero-Day appeared first on SecurityWeek. This article is an excerpt

Trustwave Rapid Response: Windows TCP/IP RCE Vulnerability (CVE-2024-38063)

Trustwave Rapid Response: Windows TCP/IP RCE Vulnerability (CVE-2024-38063) 2024-08-16 at 00:01 By Microsoft has disclosed a critical (CVSS 9.8) TCP/IP remote code execution (RCE) vulnerability that impacts all Windows systems utilizing IPv6. To conduct this attack, threat actors can repeatedly send IPv6 packets that include specially crafted packets. By doing this, an unauthenticated attacker could

Zero-Click Exploit Concerns Drive Urgent Patching of Windows TCP/IP Flaw

Zero-Click Exploit Concerns Drive Urgent Patching of Windows TCP/IP Flaw 2024-08-15 at 20:01 By Ryan Naraine Security experts are ratcheting up the urgency for Windows admins to patch a wormable, pre-auth remote code execution vulnerability in the Windows TCP/IP stack. The post Zero-Click Exploit Concerns Drive Urgent Patching of Windows TCP/IP Flaw appeared first on

SolarWinds Issues Hotfix for Critical Web Help Desk Vulnerability

SolarWinds Issues Hotfix for Critical Web Help Desk Vulnerability 2024-08-15 at 16:32 By Ionut Arghire SolarWinds has released a hotfix for a critical Java deserialization remote code execution vulnerability in Web Help Desk. The post SolarWinds Issues Hotfix for Critical Web Help Desk Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Palo Alto Networks Patches Unauthenticated Command Execution Flaw in Cortex XSOAR

Palo Alto Networks Patches Unauthenticated Command Execution Flaw in Cortex XSOAR 2024-08-15 at 15:04 By Eduard Kovacs Palo Alto Networks has patched multiple vulnerabilities, including ones rated high severity, in several products. The post Palo Alto Networks Patches Unauthenticated Command Execution Flaw in Cortex XSOAR appeared first on SecurityWeek. This article is an excerpt from

Fortinet, Zoom Patch Multiple Vulnerabilities

Fortinet, Zoom Patch Multiple Vulnerabilities 2024-08-14 at 15:46 By Eduard Kovacs Fortinet and Zoom have released patches for multiple vulnerabilities in their products, including high-severity bugs. The post Fortinet, Zoom Patch Multiple Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

Ivanti Patches Critical Vulnerabilities in Neurons for ITSM, Virtual Traffic Manager

Ivanti Patches Critical Vulnerabilities in Neurons for ITSM, Virtual Traffic Manager 2024-08-14 at 14:02 By Ionut Arghire Ivanti has released patches for multiple vulnerabilities in Neurons for ITSM, Avalanche, and Virtual Traffic Manager, including critical bugs. The post Ivanti Patches Critical Vulnerabilities in Neurons for ITSM, Virtual Traffic Manager appeared first on SecurityWeek. This article

Chipmaker Patch Tuesday: Intel, AMD Address Over 110 Vulnerabilities

Chipmaker Patch Tuesday: Intel, AMD Address Over 110 Vulnerabilities 2024-08-14 at 14:02 By Eduard Kovacs Intel and AMD have each informed customers about dozens of vulnerabilities found and patched in their products. The post Chipmaker Patch Tuesday: Intel, AMD Address Over 110 Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

Microsoft Warns of Six Windows Zero-Days Being Actively Exploited

Microsoft Warns of Six Windows Zero-Days Being Actively Exploited 2024-08-13 at 23:01 By Ryan Naraine Microsoft’s security response team pushed out documentation for almost 90 vulnerabilities across Windows and OS components and marked several flaws in the actively exploited category. The post Microsoft Warns of Six Windows Zero-Days Being Actively Exploited appeared first on SecurityWeek.

Adobe Calls Attention to Massive Batch of Code Execution Flaws

Adobe Calls Attention to Massive Batch of Code Execution Flaws 2024-08-13 at 20:46 By Ryan Naraine Patch Tuesday: Adobe patches 72 security vulnerabilities and warns that Windows and macOS users are at risk of code execution, memory leaks, and denial-of-service attacks. The post Adobe Calls Attention to Massive Batch of Code Execution Flaws appeared first
