Vulnerabilities Archives

SECURITYWEEK NETWORK:

ICS:

Hi, what are you looking for?

Malware & Threats

Exploitation of Critical ownCloud Vulnerability Begins

Threat actors have started exploiting a critical ownCloud vulnerability leading to sensitive information disclosure.

Ionut Arghire16 hours ago

Data Protection

Critical ownCloud Flaws Lead to Sensitive Information Disclosure, Authentication Bypass

Three critical vulnerabilities in ownCloud could lead to sensitive information disclosure and authentication and validation bypass.

Ionut Arghire2 days ago

Vulnerabilities

Microsoft Offers Up to $20,000 for Vulnerabilities in Defender Products

Microsoft invites researchers to new bug bounty program focused on vulnerabilities in its Defender products.

Ionut Arghire7 days ago

Vulnerabilities

Citrix, Gov Agencies Issue Fresh Warnings on CitrixBleed Vulnerability

Administrators are urged to patch the recent CitrixBleed NetScaler vulnerability as LockBit starts exploiting it.

Ionut ArghireNovember 22, 2023

Vulnerabilities

Microsoft Paid Out $63 Million Since Launch of First Bug Bounty Program 10 Years Ago

Over the past ten years, Microsoft has handed out $63 million in rewards as part of its bug bounty programs.

Ionut ArghireNovember 21, 2023

Vulnerabilities

CitrixBleed Vulnerability Exploitation Suspected in Toyota Ransomware Attack

Toyota Financial Services has been hit by a ransomware attack that may have involved exploitation of the CitrixBleed vulnerability.

Eduard KovacsNovember 17, 2023

Malware & Threats

Number of Cisco Devices Hacked via Zero-Day Remains High as Attackers Update Implant

The number of Cisco devices hacked via recent zero-days remains high, but the attackers have updated their implant.

Eduard KovacsOctober 24, 2023

Identity & Access

SolarWinds Patches High-Severity Flaws in Access Rights Manager

SolarWinds patches high-severity flaws in its Access Rights Manager product, including three unauthenticated remote code execution issues.

Ionut ArghireOctober 23, 2023

Malware & Threats

Cisco Finds Second Zero-Day as Number of Hacked Devices Apparently Drops

Cisco has found a second zero-day vulnerability that has been exploited in recent attacks as the number of hacked devices has started dropping.

Eduard KovacsOctober 23, 2023

Malware & Threats

Number of Cisco Devices Hacked via Unpatched Vulnerability Increases to 40,000

The number of Cisco devices hacked via the CVE-2023-20198 zero-day has reached 40,000, including many in the US.

Eduard KovacsOctober 19, 2023

Cybercrime

Three Months After Patch, Gov-Backed Actors Exploiting WinRAR Flaw

Google says it is still catching government-backed groups linked to China and Russia launching WinRAR exploits in targeted attacks.

Ryan NaraineOctober 18, 2023

Vulnerabilities

Oracle Patches 185 Vulnerabilities With October 2023 CPU

Oracle on Tuesday released 387 new security patches that address 185 vulnerabilities in its code and third-party components.

Ionut ArghireOctober 18, 2023

Citrix NetScaler CVE-2023-4966 exploited

Vulnerabilities

Recent NetScaler Vulnerability Exploited as Zero-Day Since August

Mandiant says the recently patched Citrix NetScaler vulnerability CVE-2023-4966 had been exploited as zero-day since August.

Ionut ArghireOctober 18, 2023

Vulnerabilities

US Gov Expects Widespread Exploitation of Atlassian Confluence Vulnerability

CISA, FBI, and MS-ISAC warn of potential widespread exploitation of CVE-2023-22515, a critical vulnerability in Atlassian Confluence.

Ionut ArghireOctober 17, 2023

Vulnerabilities

Cisco Devices Hacked via IOS XE Zero-Day Vulnerability

Cisco is warning customers that a new IOS XE zero-day vulnerability tracked as CVE-2023-20198 is being exploited to hack devices.

Eduard KovacsOctober 17, 2023

Cybercrime

WordPress Websites Hacked via Royal Elementor Plugin Zero-Day

A critical vulnerability in the Royal Elementor WordPress plugin has been exploited as a zero-day since August 30.

Ionut ArghireOctober 17, 2023

Malware & Threats

Signal Pours Cold Water on Zero-Day Exploit Rumors

Privacy-focused messaging firm Signal is pouring cold water on widespread rumors of a zero-day exploit in its popular encrypted chat app.

Ryan NaraineOctober 16, 2023

Government

CISA Now Flagging Vulnerabilities, Misconfigurations Exploited by Ransomware

CISA is now flagging vulnerabilities and misconfigurations that are known to be exploited in ransomware attacks.

Ionut ArghireOctober 13, 2023

Page 4 of 595‹ Previous 1 2 345 6 7 8 Next ›Last »

SECURITYWEEK NETWORK:

ICS:

Malware & Threats

Exploitation of Critical ownCloud Vulnerability Begins

Data Protection

Critical ownCloud Flaws Lead to Sensitive Information Disclosure, Authentication Bypass

Vulnerabilities

Microsoft Offers Up to $20,000 for Vulnerabilities in Defender Products

Vulnerabilities

Citrix, Gov Agencies Issue Fresh Warnings on CitrixBleed Vulnerability

Vulnerabilities

Microsoft Paid Out $63 Million Since Launch of First Bug Bounty Program 10 Years Ago

Vulnerabilities

CitrixBleed Vulnerability Exploitation Suspected in Toyota Ransomware Attack

Malware & Threats

Number of Cisco Devices Hacked via Zero-Day Remains High as Attackers Update Implant

Identity & Access

SolarWinds Patches High-Severity Flaws in Access Rights Manager

Malware & Threats

Cisco Finds Second Zero-Day as Number of Hacked Devices Apparently Drops

Malware & Threats

Number of Cisco Devices Hacked via Unpatched Vulnerability Increases to 40,000

Cybercrime

Three Months After Patch, Gov-Backed Actors Exploiting WinRAR Flaw

Vulnerabilities

Oracle Patches 185 Vulnerabilities With October 2023 CPU

Vulnerabilities

Recent NetScaler Vulnerability Exploited as Zero-Day Since August

Vulnerabilities

US Gov Expects Widespread Exploitation of Atlassian Confluence Vulnerability

Vulnerabilities

Cisco Devices Hacked via IOS XE Zero-Day Vulnerability

Cybercrime

WordPress Websites Hacked via Royal Elementor Plugin Zero-Day

Malware & Threats

Signal Pours Cold Water on Zero-Day Exploit Rumors

Government

CISA Now Flagging Vulnerabilities, Misconfigurations Exploited by Ransomware

Featured

ICS/OT

Hackers Hijack Industrial Control System at US Water Utility

Artificial Intelligence

Pentagon’s AI Initiatives Accelerate Hard Decisions on Lethal Autonomous Weapons

Supply Chain Security

North Korean Software Supply Chain Attack Hits North America, Asia

Artificial Intelligence

Sam Altman is Back as OpenAI CEO Just Days After Being Removed, Along With a New Board

Artificial Intelligence

Insider Q&A: Pentagon AI Chief on Network-Centric Warfare, Generative AI Challenges

Malware & Threats

CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability

Email Security

Zimbra Zero-Day Exploited to Hack Government Emails

Latest News

Uncategorized

Police Dismantle Major Ukrainian Ransomware Operation

Artificial Intelligence

Critical Vulnerability Found in Ray AI Framework

Cybercrime

Los Angeles SIM Swapper Sentenced to 8 Years in Prison

Cloud Security

Amazon One Enterprise Enables Palm-Based Access to Physical Locations, Digital Assets

Ransomware

Ardent Hospitals Diverting Patients Following Ransomware Attack

Ransomware

Henry Schein Again Restoring Systems After Ransomware Group Causes More Disruption

Artificial Intelligence

US, UK Cybersecurity Agencies Publish AI Development Guidance