Category: Vulnerabilities

June 30, 2022

With more than 50 million downloads, Amazon Photos offers cloud storage, allowing users to store photos and videos at their original quality, as well as to print and share photos, and to display them on multiple Amazon devices. In November […]

June 30, 2022

According to Broadcom, the Brocade SANnav storage area network (SAN) management application is affected by nine vulnerabilities. Patches have been made available for these security holes. Six of them impact third-party components such as OpenSSL, Oracle Java and NGINX, and […]

June 30, 2022

Ransomware detections in the first quarter of this year doubled the total volume reported for 2021, according to the latest quarterly Internet Security Report from the WatchGuard Threat Lab. Researchers also found that the Emotet botnet came back in a […]

June 29, 2022

A new security vulnerability has been disclosed in RARlab’s UnRAR utility that, if successfully exploited, could permit a remote attacker to execute arbitrary code on a system that relies on the binary. The flaw, assigned the identifier CVE-2022-30333, relates to […]

June 29, 2022

Cybersecurity researchers from Palo Alto Networks Unit 42 disclosed details of a new security flaw affecting Microsoft’s Service Fabric that could be exploited to obtain elevated permissions and seize control of all nodes in a cluster. The issue, which has […]

June 29, 2022

The presence of these vulnerabilities within the infrastructure of an organization could potentially expose it to a broad range of attacks. “Welcome to the 2022 Common Weakness Enumeration (CWE™) Top 25 Most Dangerous Software Weaknesses list (CWE™ Top 25). This […]

June 29, 2022

This month’s scheduled Firefox release is out, with the new 102.0 version patching 19 CVE-numbered bugs. Despite the large number of CVEs, the patches don’t include any bugs already being exploited in the wild (known in the jargon as zero-days), […]

June 27, 2022

Last week threat actors have stolen $100 million in cryptocurrency from the Blockchain company Harmony. The company reported the incident to the authorities, the FBI is investigating the cyber heist with the help of several cybersecurity firms. Harmony’s Horizon Bridge […]

June 24, 2022

Tracked as CVE-2021-44228, the infamous Log4Shell vulnerability that was disclosed in November 2021 impacts the widely used Apache Log4j logging tool, and is described as a critical-severity flaw leading to remote code execution. Exploitation of the vulnerability started less than […]

June 22, 2022

Researchers discovered 56 vulnerabilities affecting devices from 10 operational technology (OT) vendors, most of which they’ve attributed to inherent design flaws in equipment and a lax approach to security and risk management that have been plaguing the industry for decades, […]