Threats & Malware, Vulnerabilities
November 30, 2022
Via: The Hacker NewsResearchers have disclosed details of three new security vulnerabilities affecting operational technology (OT) products from CODESYS and Festo that could lead to source code tampering and denial-of-service (DoS). The vulnerabilities, reported by Forescout Vedere Labs, are the latest in a […]
Threats & Malware, Vulnerabilities
November 9, 2022
Via: TechRadarCitrix has released a fix for three high-severity vulnerabilities discovered in two of its popular products, and is now urging users to apply the patch immediately. The company has fixed three flaws found in Citrix ADC and Citrix Gateway. ADC […]
Threats & Malware, Vulnerabilities
October 26, 2022
Via: Security WeekThe US Cybersecurity and Infrastructure Security Agency (CISA) this week added two flaws affecting Cisco’s AnyConnect product to its Known Exploited Vulnerabilities catalog. The vulnerabilities, tracked as CVE-2020-3433 and CVE-2020-3153, affect the AnyConnect Secure Mobility Client for Windows, and they […]
Threats & Malware, Vulnerabilities
October 3, 2022
Via: Security WeekAtlassian Bitbucket is a Git-based repository management solution that provides source code hosting and sharing capabilities. Tracked as CVE-2022-36804 (CVSS score of 9.9), the now-exploited vulnerability is described as a command injection bug that impacts multiple API endpoints of Bitbucket […]
Threats & Malware, Vulnerabilities
September 21, 2022
Via: Security WeekThe vulnerabilities affecting the iBoot-PDU product were identified by researchers at industrial cybersecurity firm Claroty, who found a total of seven issues, including ones allowing a remote, unauthenticated attacker to execute arbitrary code. iBoot PDU vulnerabilitiesThe impacted PDU provides a […]
Threats & Malware, Vulnerabilities
September 14, 2022
Via: The Hacker NewsTech giant Microsoft on Tuesday shipped fixes to quash 64 new security flaws across its software lineup, including one zero-day flaw that has been actively exploited in real-world attacks. Of the 64 bugs, five are rated Critical, 57 are rated […]
Threats & Malware, Vulnerabilities
August 31, 2022
Via: Naked SecurityGoogle’s latest Chrome browser, version 105, is out, though the full version number is annoyingly different depending on whether you are on Windows, Mac or Linux. On Unix-like systems (Mac and Linux), you want 105.0.5195.52, but on Windows, you’re looking […]
Threats & Malware, Vulnerabilities
August 12, 2020
Via: Security AffairsMicrosoft August 2020 Patch Tuesday updates have addressed 120 flaws, including two zero-day vulnerabilities that have been exploited in attacks in the wild. The two issues are a Windows spoofing bug and a remote code execution flaw in Internet Explorer. […]
Security, Threats & Malware, Vulnerabilities
August 7, 2020
Via: TrendMicro BlogWelcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Based on research that Trend Micro released during Black Hat USA this past week, […]
Threats & Malware, Vulnerabilities
April 29, 2020
Via: Security AffairsAdobe has released security updates that address multiple vulnerabilities in Adobe Illustrator, Bridge, and Magento, including some critical remote code execution flaws. The remote code execution flaws could be exploited by an attacker to execute commands in the security context […]
Threats & Malware, Vulnerabilities
March 13, 2020
Via: Security AffairsThe Popup Builder WordPress plugin is affected by security flaws that could be exploited by unauthenticated attackers to inject malicious JavaScript code into popups displayed on websites using it. More than 100,000 websites are exposed to cyber attacks that could […]
October 17, 2019
Via: Threat PostCisco Systems has released a security update stomping out critical and high-severity flaws impacting its Aironet access points, which are entry-level wireless access points (APs) used by mid-size enterprises in their offices or small warehouses. It also issued a slew […]
Threats & Malware, Vulnerabilities
August 22, 2019
Via: Help Net SecurityCisco has fixed over 30 vulnerabilities in various solutions, including Cisco UCS Director, Cisco UCS Director Express for Big Data, Cisco IMC Supervisor, and the Cisco 220 Series smart switches. Cisco 220 Series exploit Users of Cisco UCS Director and […]
Threats & Malware, Vulnerabilities
August 13, 2019
Via: Dark ReadingAttackers have learned that vulnerabilities can hide in the gaps: gaps between components of a system or gaps in a process or procedure. A researcher last week at DEF CON in Las Vegas showed that device drivers — the small […]
Mobile security, Vulnerabilities
August 12, 2019
Via: Security Intelligence5G technology is almost ready to take off in the U.S. While the upgrade was set to go live in 2020, some major cities have, or will soon have, access to the faster wireless speeds — if your device is […]
November 21, 2018
Via: Security AffairsSecurity experts have found several vulnerabilities affecting Dell EMC Avamar and Integrated Data Protection Appliance products. They also warn that VMware’s vSphere Data Protection, which is based on Avamar, is also affected by the issues. Dell EMC released security updates […]
October 12, 2018
Via: Security WeekAn audit commissioned by Mozilla for the Firefox update system revealed no critical vulnerabilities and the flaws rated “high severity” were not easy to exploit. Experts at Germany-based X41 spent 27 days analyzing the Firefox Application Update Service (AUS), including […]
September 18, 2018
Via: Security WeekFacebook announced on Monday that it has expanded its bug bounty program to introduce rewards for reports describing vulnerabilities that involve the exposure of user access tokens. Access tokens allow users to log into third-party applications and websites through Facebook. […]
Network security, Vulnerabilities
September 14, 2018
Via: Security AffairsA team of security researchers demonstrated that the firmware running on nearly all modern computers is vulnerable to cold boot attacks. A team of experts from cybersecurity firm F-Secure has discovered security flaws affecting firmware in modern computers that could […]
September 10, 2018
Via: Security WeekGoogle has released its September 2018 security patches for Android, which resolves more than 50 vulnerabilities in the operating system. The September 2018 Android Security Bulletin is split into two parts, the 2018-09-01 security patch level, which resolves 24 bugs, […]