Vulnerabilities Archives

SECURITYWEEK NETWORK:

ICS:

Hi, what are you looking for?

Incident Response

Live Exploitation Underscores Urgency to Patch Critical WS-FTP Server Flaw

Rapid7 says attackers are targeting a critical pre-authentication flaw in Progress Software’s WS_FTP server just days after disclosure.

Ryan Naraine15 hours ago

Email Security

Unpatched Exim Vulnerabilities Expose Many Mail Servers to Attacks

Patches are being developed for serious Exim vulnerabilities that could expose many mail servers to attacks.

Eduard Kovacs20 hours ago

Vulnerabilities

Recently Patched TeamCity Vulnerability Exploited to Hack Servers

In-the-wild exploitation of a critical vulnerability in the TeamCity CI/CD server started shortly after a patch was released by developers.

Eduard Kovacs21 hours ago

Vulnerabilities

CISA Warns of Old JBoss RichFaces Vulnerability Being Exploited in Attacks

CISA has added CVE-2018-14667, an old critical JBoss RichFaces flaw to its known exploited vulnerabilities catalog.

Eduard Kovacs4 days ago

Vulnerabilities

Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks

Hackers have set their sights on CVE-2023-34468, an RCE vulnerability in Apache NiFi that impacts thousands of organizations.

Ionut Arghire4 days ago

Vulnerabilities

Cloudflare Users Exposed to Attacks Launched From Within Cloudflare: Researchers

Gaps in Cloudflare’s security controls allow users to bypass protections and target others from the platform itself.

Ionut Arghire4 days ago

Cybercrime

Progress Software Patches Critical Pre-Auth Flaws in WS_FTP Server Product

Progress Software ships patches for critical-severity flaws in its WS_FTP file transfer software and warns that a pre-authenticated attacker could wreak havoc on the...

Ryan Naraine5 days ago

Vulnerabilities

Cisco Warns of IOS Software Zero-Day Exploitation Attempts

Cisco has released patches for vulnerability in the GET VPN feature of IOS and IOS XE software that has been exploited in attacks.

Ionut Arghire5 days ago

Vulnerabilities

Google Rushes to Patch New Zero-Day Exploited by Spyware Vendor

Google has rushed to patch a new Chrome zero-day vulnerability, tracked as CVE-2023-5217 and exploited by a spyware vendor.

Eduard Kovacs5 days ago

Vulnerabilities

Firefox 118 Patches High-Severity Vulnerabilities

Firefox 118 patches six high-severity vulnerabilities, including a memory leak potentially leading to sandbox escape.

Ionut Arghire6 days ago

Vulnerabilities

macOS 14 Sonoma Patches 60 Vulnerabilities

macOS 14 Sonoma has been officially released by Apple and the latest version of the operating system patches over 60 vulnerabilities.

Eduard Kovacs6 days ago

Vulnerabilities

In-the-Wild Exploitation Expected for Critical TeamCity Flaw Allowing Server Takeover

A critical vulnerability in the TeamCity CI/CD server could allow unauthenticated attackers to execute code and take over vulnerable servers.

Ionut ArghireSeptember 25, 2023

Page 1 of 58912 3 4 5 Next ›Last »

SECURITYWEEK NETWORK:

ICS:

Incident Response

Live Exploitation Underscores Urgency to Patch Critical WS-FTP Server Flaw

Email Security

Unpatched Exim Vulnerabilities Expose Many Mail Servers to Attacks

Vulnerabilities

Recently Patched TeamCity Vulnerability Exploited to Hack Servers

Vulnerabilities

CISA Warns of Old JBoss RichFaces Vulnerability Being Exploited in Attacks

Vulnerabilities

Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks

Vulnerabilities

Cloudflare Users Exposed to Attacks Launched From Within Cloudflare: Researchers

Cybercrime

Progress Software Patches Critical Pre-Auth Flaws in WS_FTP Server Product

Vulnerabilities

Cisco Warns of IOS Software Zero-Day Exploitation Attempts

Vulnerabilities

Google Rushes to Patch New Zero-Day Exploited by Spyware Vendor

Vulnerabilities

Firefox 118 Patches High-Severity Vulnerabilities

Vulnerabilities

macOS 14 Sonoma Patches 60 Vulnerabilities

Vulnerabilities

In-the-Wild Exploitation Expected for Critical TeamCity Flaw Allowing Server Takeover

Featured

Artificial Intelligence

National Security Agency is Starting an Artificial Intelligence Security Center

Ransomware

Johnson Controls Hit by Ransomware

Nation-State

US State Department Says 60,000 Emails Taken in Alleged Chinese Hack

Vulnerabilities

Cisco Warns of IOS Software Zero-Day Exploitation Attempts

Vulnerabilities

Google Rushes to Patch New Zero-Day Exploited by Spyware Vendor

Endpoint Security

New GPU Side-Channel Attack Allows Malicious Websites to Steal Data

CISO Strategy

The CISO Carousel and Its Effect on Enterprise Cybersecurity

Latest News

Data Breaches

European Telecommunications Standards Institute Discloses Data Breach

ICS/OT

Number of Internet-Exposed ICS Drops Below 100,000: Report

Ransomware

Johnson Controls Ransomware Attack Could Impact DHS

Training & Awareness

CISA Kicks Off Cybersecurity Awareness Month With New Program

Network Security

Silverfort Open Sources Lateral Movement Detection Tool

Funding/M&A

Bankrupt IronNet Shuts Down Operations

Cloud Security

AWS Using MadPot Decoy System to Disrupt APTs, Botnets