Vulnerabilities Archives

SECURITYWEEK NETWORK:

ICS:

Hi, what are you looking for?

Malware & Threats

Exploitation of Critical ownCloud Vulnerability Begins

Threat actors have started exploiting a critical ownCloud vulnerability leading to sensitive information disclosure.

Ionut Arghire16 hours ago

Data Protection

Critical ownCloud Flaws Lead to Sensitive Information Disclosure, Authentication Bypass

Three critical vulnerabilities in ownCloud could lead to sensitive information disclosure and authentication and validation bypass.

Ionut Arghire2 days ago

Vulnerabilities

Microsoft Offers Up to $20,000 for Vulnerabilities in Defender Products

Microsoft invites researchers to new bug bounty program focused on vulnerabilities in its Defender products.

Ionut Arghire7 days ago

Vulnerabilities

Citrix, Gov Agencies Issue Fresh Warnings on CitrixBleed Vulnerability

Administrators are urged to patch the recent CitrixBleed NetScaler vulnerability as LockBit starts exploiting it.

Ionut ArghireNovember 22, 2023

Vulnerabilities

Microsoft Paid Out $63 Million Since Launch of First Bug Bounty Program 10 Years Ago

Over the past ten years, Microsoft has handed out $63 million in rewards as part of its bug bounty programs.

Ionut ArghireNovember 21, 2023

Vulnerabilities

CitrixBleed Vulnerability Exploitation Suspected in Toyota Ransomware Attack

Toyota Financial Services has been hit by a ransomware attack that may have involved exploitation of the CitrixBleed vulnerability.

Eduard KovacsNovember 17, 2023

Vulnerabilities

Protected Virtual Machines Exposed to New ‘CacheWarp’ AMD CPU Attack

CacheWarp is a new attack method affecting a security feature present in AMD processors that can pose a risk to virtual machines.

Eduard KovacsNovember 14, 2023

SysAid zero-day CVE-2023-47246 exploited

Ransomware

SysAid Zero-Day Vulnerability Exploited by Ransomware Group

CVE-2023-47246 zero-day vulnerability in SysAid IT service management software has been exploited by Cl0p ransomware affiliates.

Eduard KovacsNovember 9, 2023

Endpoint Security

Critical Vulnerabilities Expose Veeam ONE Software to Code Execution

Veeam Software has rolled out patches to cover code execution vulnerabilities in its Veeam ONE IT monitoring product.

Ionut ArghireNovember 7, 2023

Vulnerabilities

Exploitation of Critical Confluence Vulnerability Begins

Threat actors have started exploiting a recent critical vulnerability in Confluence Data Center and Confluence Server.

Ionut ArghireNovember 6, 2023

Vulnerabilities

Microsoft Says Exchange ‘Zero Days’ Disclosed by ZDI Already Patched or Not Urgent

Microsoft says four Exchange ‘zero-days’ disclosed by ZDI have either already been patched or they don’t require immediate attention.

Eduard KovacsNovember 6, 2023

Vulnerabilities

Atlassian Issues Second Warning on Potential Exploitation of Critical Confluence Flaw

Atlassian warns that ‘critical information’ released on the Confluence bug CVE-2023-22518 increases the risk of exploitation.

Ionut ArghireNovember 3, 2023

NET vulnerability CVE-2023-38180 exploited

Cloud Security

After Major Cloud Hacks, Microsoft Unveils ‘Secure Future Initiative’

In response to a spate of embarrassing hacks, Redmond pushes ‘Secure Future Initiative’ promising faster cloud patches, better management of identity signing keys and...

Ryan NaraineNovember 2, 2023

Vulnerabilities

Critical Apache ActiveMQ Vulnerability Exploited to Deliver Ransomware

A recently patched Apache ActiveMQ vulnerability tracked as CVE-2023-46604 is being exploited to deliver ransomware.

Eduard KovacsNovember 2, 2023

Vulnerabilities

Microsoft Temporarily Disables SketchUp Support After Discovery of 117 Vulnerabilities

Zscaler identified 117 vulnerabilities in Microsoft 365’s support for SketchUp files and bypassed initial patches.

Ionut ArghireNovember 2, 2023

Vulnerabilities

Cisco Patches 27 Vulnerabilities in Network Security Products

Cisco has released software updates to address 27 vulnerabilities in Cisco ASA, FMC, and FTD software.

Ionut ArghireNovember 2, 2023

Incident Response

FIRST Releases CVSS 4.0 Vuln Scoring Standard

The CVSS vulnerability scoring standard is refreshed to provide more data and remove ambiguities in rating the severity of downstream issues.

Ryan NaraineNovember 1, 2023

Malware & Threats

Mass Exploitation of ‘Citrix Bleed’ Vulnerability Underway

Multiple threat actors are exploiting CVE-2023-4966, aka Citrix Bleed, a critical vulnerability in NetScaler ADC and Gateway.

Ionut ArghireNovember 1, 2023

Page 2 of 595‹ Previous 123 4 5 6 Next ›Last »

SECURITYWEEK NETWORK:

ICS:

Malware & Threats

Exploitation of Critical ownCloud Vulnerability Begins

Data Protection

Critical ownCloud Flaws Lead to Sensitive Information Disclosure, Authentication Bypass

Vulnerabilities

Microsoft Offers Up to $20,000 for Vulnerabilities in Defender Products

Vulnerabilities

Citrix, Gov Agencies Issue Fresh Warnings on CitrixBleed Vulnerability

Vulnerabilities

Microsoft Paid Out $63 Million Since Launch of First Bug Bounty Program 10 Years Ago

Vulnerabilities

CitrixBleed Vulnerability Exploitation Suspected in Toyota Ransomware Attack

Vulnerabilities

Protected Virtual Machines Exposed to New ‘CacheWarp’ AMD CPU Attack

Ransomware

SysAid Zero-Day Vulnerability Exploited by Ransomware Group

Endpoint Security

Critical Vulnerabilities Expose Veeam ONE Software to Code Execution

Vulnerabilities

Exploitation of Critical Confluence Vulnerability Begins

Vulnerabilities

Microsoft Says Exchange ‘Zero Days’ Disclosed by ZDI Already Patched or Not Urgent

Vulnerabilities

Atlassian Issues Second Warning on Potential Exploitation of Critical Confluence Flaw

Cloud Security

After Major Cloud Hacks, Microsoft Unveils ‘Secure Future Initiative’

Vulnerabilities

Critical Apache ActiveMQ Vulnerability Exploited to Deliver Ransomware

Vulnerabilities

Microsoft Temporarily Disables SketchUp Support After Discovery of 117 Vulnerabilities

Vulnerabilities

Cisco Patches 27 Vulnerabilities in Network Security Products

Incident Response

FIRST Releases CVSS 4.0 Vuln Scoring Standard

Malware & Threats

Mass Exploitation of ‘Citrix Bleed’ Vulnerability Underway

Featured

ICS/OT

Hackers Hijack Industrial Control System at US Water Utility

Artificial Intelligence

Pentagon’s AI Initiatives Accelerate Hard Decisions on Lethal Autonomous Weapons

Supply Chain Security

North Korean Software Supply Chain Attack Hits North America, Asia

Artificial Intelligence

Sam Altman is Back as OpenAI CEO Just Days After Being Removed, Along With a New Board

Artificial Intelligence

Insider Q&A: Pentagon AI Chief on Network-Centric Warfare, Generative AI Challenges

Malware & Threats

CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability

Email Security

Zimbra Zero-Day Exploited to Hack Government Emails

Latest News

Uncategorized

Police Dismantle Major Ukrainian Ransomware Operation

Artificial Intelligence

Critical Vulnerability Found in Ray AI Framework

Cybercrime

Los Angeles SIM Swapper Sentenced to 8 Years in Prison

Cloud Security

Amazon One Enterprise Enables Palm-Based Access to Physical Locations, Digital Assets

Ransomware

Ardent Hospitals Diverting Patients Following Ransomware Attack

Ransomware

Henry Schein Again Restoring Systems After Ransomware Group Causes More Disruption

Artificial Intelligence

US, UK Cybersecurity Agencies Publish AI Development Guidance