Vulnerabilities Archives

CONFERENCE On Demand: Cyber AI & Automation Summit - Watch Now

SECURITYWEEK NETWORK:

ICS:

Hi, what are you looking for?

Vulnerabilities

WordPress 6.4.2 Patches Remote Code Execution Vulnerability

WordPress 6.4.2 patches a flaw that could be chained with another vulnerability to execute arbitrary code.

Ionut Arghire1 day ago

Cyberwarfare

Russian APT Used Zero-Click Outlook Exploit

Russian threat actor APT28 has been exploiting a no-interaction Outlook vulnerability in attacks against 14 countries.

Ionut Arghire1 day ago

Vulnerabilities

Atlassian Patches Critical Remote Code Execution Vulnerabilities

Atlassian has released patches for critical-severity remote code execution flaws in Confluence and other products.

Ionut Arghire3 days ago

Endpoint Security

Enterprise, Consumer Devices Exposed to Attacks via Malicious UEFI Logo Images

LogoFAIL is an UEFI image parser attack allowing hackers to compromise consumer and enterprise devices using malicious logo images.

Eduard Kovacs3 days ago

Vulnerabilities

Exploitation of Recent Cisco IOS XE Vulnerabilities Spikes

The Shadowserver Foundation warns of an increase in the number of devices hacked via recent Cisco IOS XE vulnerabilities.

Ionut Arghire3 days ago

Vulnerabilities

Chrome 120 Patches 10 Vulnerabilities

Chrome 120 was released in the stable channel with patches for 10 vulnerabilities, including five externally reported flaws.

Ionut Arghire3 days ago

Data Breaches

SEC Investigating Progress Software Over MOVEit Hack

Progress Software confirms the SEC has launched its own investigation into costly ransomware zero-days in the MOVEit file transfer software.

Ionut ArghireOctober 12, 2023

ICS/OT

Unpatched Vulnerabilities Expose Yifan Industrial Routers to Attacks

Industrial routers made by Chinese company Yifan are affected by several critical vulnerabilities that can expose organizations to attacks.

Eduard KovacsOctober 12, 2023

ICS/OT

Critical SOCKS5 Vulnerability in cURL Puts Enterprise Systems at Risk

Flaw poses a direct threat to the SOCKS5 proxy handshake process in cURL and can be exploited remotely in some non-standard configurations.

Ryan NaraineOctober 11, 2023

Vulnerabilities

Citrix Patches Critical NetScaler ADC, Gateway Vulnerability

Citrix has released patches for a critical information disclosure vulnerability in NetScaler ADC and NetScaler Gateway.

Ionut ArghireOctober 11, 2023

Vulnerabilities

Chrome 118 Patches 20 Vulnerabilities

Google has released Chrome 118 to the stable channel with patches for 20 vulnerabilities, including one rated ‘critical severity’.

Ionut ArghireOctober 11, 2023

Network Security

Organizations Respond to HTTP/2 Zero-Day Exploited for DDoS Attacks

Organizations respond to HTTP/2 Rapid Reset zero-day vulnerability exploited to launch the largest DDoS attacks seen to date.

Eduard KovacsOctober 11, 2023

Vulnerabilities

CISA Warns of Attacks Exploiting Adobe Acrobat Vulnerability

CISA has added five bugs to its Known Exploited Vulnerabilities catalog, including the recent WordPad, Skype, and HTTP/2 zero-days.

Ionut ArghireOctober 11, 2023

Cyberwarfare

Microsoft Blames Nation-State Threat Actor for Confluence Zero-Day Attacks

Microsoft says an APT group tracked as Storm-0062 has been hacking Confluence installations since mid-September, three weeks before Atlassian’s disclosure.

Ryan NaraineOctober 10, 2023

Application Security

Microsoft Fixes Exploited Zero-Days in WordPad, Skype for Business

Microsoft patches more than 100 vulnerabilities across the Windows ecosystem and warned that three are already being exploited in the wild.

Ryan NaraineOctober 10, 2023

Incident Response

Patch Tuesday: Code Execution Flaws in Adobe Commerce, Photoshop

Adobe Commerce customers exposed to code execution, privilege escalation, arbitrary file system read, and security feature bypass attacks.

Ryan NaraineOctober 10, 2023

Vulnerabilities

SAP Releases 7 New Notes on October 2023 Patch Day

SAP has released seven new notes as part of its October 2023 Security Patch Day, all rated ‘medium severity’.

Ionut ArghireOctober 10, 2023

Vulnerabilities

One-Click GNOME Exploit Could Pose Serious Threat to Linux Systems

A one-click exploit targeting the Libcue component of the GNOME desktop environment could pose a serious threat to Linux systems.

Eduard KovacsOctober 10, 2023

Page 6 of 596« First ‹ Previous 2 3 4 567 8 9 10 Next ›Last »

SECURITYWEEK NETWORK:

ICS:

Vulnerabilities

WordPress 6.4.2 Patches Remote Code Execution Vulnerability

Cyberwarfare

Russian APT Used Zero-Click Outlook Exploit

Vulnerabilities

Atlassian Patches Critical Remote Code Execution Vulnerabilities

Endpoint Security

Enterprise, Consumer Devices Exposed to Attacks via Malicious UEFI Logo Images

Vulnerabilities

Exploitation of Recent Cisco IOS XE Vulnerabilities Spikes

Vulnerabilities

Chrome 120 Patches 10 Vulnerabilities

Data Breaches

SEC Investigating Progress Software Over MOVEit Hack

ICS/OT

Unpatched Vulnerabilities Expose Yifan Industrial Routers to Attacks

ICS/OT

Critical SOCKS5 Vulnerability in cURL Puts Enterprise Systems at Risk

Vulnerabilities

Citrix Patches Critical NetScaler ADC, Gateway Vulnerability

Vulnerabilities

Chrome 118 Patches 20 Vulnerabilities

Network Security

Organizations Respond to HTTP/2 Zero-Day Exploited for DDoS Attacks

Vulnerabilities

CISA Warns of Attacks Exploiting Adobe Acrobat Vulnerability

Cyberwarfare

Microsoft Blames Nation-State Threat Actor for Confluence Zero-Day Attacks

Application Security

Microsoft Fixes Exploited Zero-Days in WordPad, Skype for Business

Incident Response

Patch Tuesday: Code Execution Flaws in Adobe Commerce, Photoshop

Vulnerabilities

SAP Releases 7 New Notes on October 2023 Patch Day

Vulnerabilities

One-Click GNOME Exploit Could Pose Serious Threat to Linux Systems

Featured

Artificial Intelligence

Europe Reaches a Deal on the World’s First Comprehensive AI Rules

ICS/OT

Cyberattack on Irish Utility Cuts Off Water Supply for Two Days

Endpoint Security

Future Intel, AMD and Arm CPUs Vulnerable to New ‘SLAM’ Attack: Researchers

CISO Strategy

Microsoft Hires New CISO in Major Security Shakeup

ICS/OT

21 Vulnerabilities in Sierra Wireless Routers Could Expose Critical Infrastructure to Attacks

ICS/OT

Unpatched Loytec Building Automation Flaws Disclosed 2 Years After Discovery

Cybercrime

New Threat Actor ‘AeroBlade’ Targeted US Aerospace Firm in Espionage Campaign

Latest News

Data Protection

Opal Security Scores $22M Investment for IAM Technology

Artificial Intelligence

In Other News: Fake Lockdown Mode, New Linux RAT, AI Jailbreak, Country’s DNS Hijacked

Funding/M&A

ProvenRun Banks €15 Million for Secure Connected Vehicle Software

Cybercrime

US, UK Announce Charges and Sanctions Against Two Russian Hackers

Mobile & Wireless

Android, Linux, Apple Devices Exposed to Bluetooth Keystroke Injection Attacks

ICS/OT

Cyberattack on Irish Utility Cuts Off Water Supply for Two Days

Privacy & Compliance

Meta Makes End-to-End Encryption a Default on Facebook Messenger