Category: Vulnerabilities


Threats & Malware, Vulnerabilities

Oracle Warns of Critical Remotely Exploitable Weblogic Server Flaws

July 22, 2021

Via: The Hacker News

Oracle on Tuesday released its quarterly Critical Patch Update for July 2021 with 342 fixes spanning across multiple products, some of which could be exploited by a remote attacker to take control of an affected system. Chief among them is […]


Threats & Malware, Vulnerabilities

Google Chrome patches yet another serious security vulnerability

July 16, 2021

Via: TechRadar

As it put out the latest stable build of the cross-platform Chrome web browser, Google noted that the build bundles eight security fixes, including one that it was aware was being exploited in the wild. Six of the patched Chrome […]


Threats & Malware, Vulnerabilities

New Law Will Help Chinese Government Stockpile Zero-Days

July 14, 2021

Via: Security Week

Starting September 1, 2021, the Chinese government will require that any Chinese citizen who finds a zero-day vulnerability must pass the details to the Chinese government and must not sell or give the knowledge to any third party outside of China […]


Application security, Security, Threats & Malware, Vulnerabilities

SolarWinds Issues Patches in Wake of Zero-Day Attacks

July 13, 2021

Via: DataBreach Today

Attackers have been exploiting a newly discovered zero-day flaw in SolarWinds software, the security vendor has warned. The vulnerability exists in Serv-U Managed File Transfer Server and Serv-U Secured FTP. SolarWinds has urged all users to immediately install an emergency […]


Threats & Malware, Vulnerabilities

Mitsubishi Electric Patches Vulnerabilities in Air Conditioning Systems

July 12, 2021

Via: Security Week

Advisories describing the vulnerabilities were published this month by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Mitsubishi Electric. SecurityWeek has also obtained additional information from people involved in the discovery and disclosure of these flaws. One advisory describes […]


Threats & Malware, Vulnerabilities

Kaseya staff warned of security weaknesses years ago

July 12, 2021

Via: TechRadar

Former Kaseya staff have alleged that the company failed to address critical security flaws in its software several times between 2017 and 2020. Earlier this month, threat actors exploited a zero-day vulnerability in Kaseya’s VSA software to breach several managed […]


Threats & Malware, Vulnerabilities

Microsoft Paid Out $13.6 Million in Bug Bounties in Past Year

July 9, 2021

Via: Security Week

As part of the company’s 17 bug bounty and grant programs, participating security researchers can earn awards as high as $250,000 — the highest rewards are for critical vulnerabilities in Hyper-V. More than 340 security researchers across 58 countries received […]


Threats & Malware, Vulnerabilities

Kaspersky Password Manager Generated Passwords That Could Quickly Be Brute-Forced

July 7, 2021

Via: Security Week

Developed by Russian security firm Kaspersky, the Kaspersky Password Manager (KPM) allows users not only to securely store passwords and documents, but also to generate passwords when needed. All of the sensitive data stored in KPM’s vault is protected by […]


Threats & Malware, Vulnerabilities

Patch now! Emergency fix for PrintNightmare released by Microsoft

July 7, 2021

Via: Malwarebytes

Last week we wrote about PrintNightmare, a vulnerability that was supposed to be patched but wasn’t. After June’s Patch Tuesday, researchers found that the patch did not work in every case, most notably on modern domain controllers. Yesterday, Microsoft issued […]


Threats & Malware, Vulnerabilities

GitHub paid out over $500K through its bug bounty program for 203 flaws in 2020

June 29, 2021

Via: Security Affairs

Code repository hosting service GitHub announced that it has paid $524,250 through its bug bounty program for 203 vulnerabilities affecting its products and services in 2020. The company revealed that it paid more than $1.5 million since 2016. “2020 was […]