Top

Tag: vulnerabilities


Threats & Malware, Vulnerabilities

Mitre shared 2022 CWE Top 25 most dangerous software weaknesses

June 29, 2022

Via: Security Affairs

The presence of these vulnerabilities within the infrastructure of an organization could potentially expose it to a broad range of attacks. “Welcome to the 2022 Common Weakness Enumeration (CWE™) Top 25 Most Dangerous Software Weaknesses list (CWE™ Top 25). This […]


Threats & Malware, Vulnerabilities

Discovery of 56 OT Device Flaws Blamed on Lackluster Security Culture

June 22, 2022

Via: Threat Post

Researchers discovered 56 vulnerabilities affecting devices from 10 operational technology (OT) vendors, most of which they’ve attributed to inherent design flaws in equipment and a lax approach to security and risk management that have been plaguing the industry for decades, […]


Threats & Malware, Vulnerabilities

Adobe Acrobat Reader Shuns Security Products Due to Compatibility Issues

June 22, 2022

Via: Security Week

The behavior, which is similar to that of suspicious or malicious applications, is related to Acrobat Reader’s use of the Chromium Embedded Framework (CEF), which has some incompatibility issues with certain security products. Minerva says it has observed a gradual […]


Threats & Malware, Vulnerabilities

9 ways hackers will use machine learning to launch attacks

June 13, 2022

Via: CSO Online

Machine learning and artificial intelligence (AI) are becoming a core technology for some threat detection and response tools. The ability to learn on the fly and automatically adapt to changing cyberthreats give security teams an advantage. However, some threat actors […]


Threats & Malware, Vulnerabilities

Chrome 102 Update Patches High-Severity Vulnerabilities

June 10, 2022

Via: Security Week

Tracked as CVE-2022-2007, the first of these bugs is described as a use-after-free in WebGPU. The security hole was reported by David Manouchehri, who received a $10,000 bug bounty reward for his finding. Use-after-free issues are triggered when a program […]


Threats & Malware, Vulnerabilities

CISA Warned About Critical Vulnerabilities in Illumina’s DNA Sequencing Devices

June 6, 2022

Via: The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Food and Drug Administration (FDA) have issued an advisory about critical security vulnerabilities in Illumina’s next-generation sequencing (NGS) software. Three of the flaws are rated 10 out of 10 for severity […]


Threats & Malware, Vulnerabilities

Zero Trust for Data Helps Enterprises Detect, Respond and Recover from Breaches

May 23, 2022

Via: Threat Post

Compromised credentials and identities, third-party breaches, API attacks, and application exploits are all foundational entry points for today’s hackers. Recent months have brought many high-profile breaches from Samsung and Nvidia to Okta and the continued aftermath of Log4j. Still, ultimately, […]


Threats & Malware, Vulnerabilities

CISA: Hackers Will Quickly Start Exploiting Newly Patched VMware Vulnerabilities

May 19, 2022

Via: Security Week

The actively exploited vulnerabilities are tracked as CVE-2022-22954 and CVE-2022-22960, and they allow remote code execution and privilege escalation, respectively. They affect VMware Workspace ONE Access, Identity Manager, and vRealize Automation, and they were patched in early April. Both vulnerabilities […]


Threats & Malware, Vulnerabilities

Large-Scale Attack Targeting Tatsu Builder WordPress Plugin

May 18, 2022

Via: Security Week

Tracked as CVE-2021-25094 (CVSS score of 8.1), the vulnerability exists because one of the supported actions does not require authentication when uploading a zip file that is extracted under the WordPress upload directory. While the plugin includes an extension control, […]


Threats & Malware, Vulnerabilities

Apple Finally Patches Exploited Vulnerabilities in macOS Big Sur, Catalina

May 17, 2022

Via: Security Week

The exploited vulnerabilities, tracked as CVE-2022-22675 and CVE-2022-22674, were disclosed in late March. However, at the time, they were only patched in iOS, iPadOS and macOS Monterey, leaving Big Sur and Catalina users exposed. Apple has now patched CVE-2022-22675 with […]