Researcher showcases hack against Microsoft Windows Update architecture, turning fixed vulnerabilities into zero-days.
Cybersecurity and data protection technology company Acronis last week warned that threat actors are exploiting a critical-severity vulnerability patched nine months ago.
Tracked as CVE-2023-45249 (CVSS score of 9.8), the security defect impacts Acronis Cyber Infrastructure (ACI) and allows threat actors to execute arbitrary code remotely due to the use of default passwords.
Apple on Monday announced a hefty round of security updates that address dozens of vulnerabilities impacting both newer and older iOS and macOS devices.
iOS 17.6 and iPadOS 17.6 were released for the latest generation iPhone and iPad devices with fixes for 35 security defects that could lead to authentication and policy bypasses, unexpected application termination or system shutdown, information disclosure, denial-of-service (DoS), and memory leaks.
A recently disclosed critical-severity vulnerability in discontinued Zyxel NAS devices is already exploited in botnet attacks, the Shadowserver Foundation warns.
Tracked as CVE-2024-29973, the issue is described as a code injection flaw that can be exploited remotely without authentication. It was introduced last year, when Zyxel patched CVE-2023-27992, a similar code injection bug.
“While patching this vulnerability, they added a new endpoint which uses the same approach as the old ones, and while doing so, implemented the same mistakes as its predecessors,” explains Outpost24 security researcher Timothy Hjort, who discovered and reported the security defect.
Apple on Monday updated visionOS, the operating system powering its Vision Pro virtual reality headset, to version 1.2, which addresses several vulnerabilities, including what may be the first security flaw that is specific to this product.
visionOS 1.2 patches nearly two dozen vulnerabilities. However, a vast majority of them are in components that visionOS shares with other Apple products, such as iOS, macOS and tvOS.
NIST announced on Wednesday that it will be receiving outside help to get the National Vulnerability Database (NVD) back on track within the next few months.
The organization informed the cybersecurity community in February that it should expect delays in the analysis of Common Vulnerabilities and Exposures (CVE) identifiers in the NVD, saying that it was working to establish a consortium to improve the program.
The UK Ministry of Defense said a breach at a third-party payroll system exposed as many as 272,000 armed forces personnel and veterans.
The recently disclosed Palo Alto Networks firewall vulnerability tracked as CVE-2024-3400, which has been exploited in attacks for at least one month, has been found to impact one of Siemens’ industrial products.
In an advisory published late last week, Siemens revealed that its Ruggedcom APE1808 devices configured with a Palo Alto Networks virtual next-generation firewall (NGFW) could be affected by CVE-2024-3400.
The Shadowserver Foundation identifies thousands of Ivanti VPN instances likely impacted by a recent remote code execution flaw.
Attackers could exploit a high-severity cross-site Scripting (XSS) vulnerability in the WP-Members Membership WordPress plugin to inject arbitrary scripts into web pages, according to an advisory from security firm Defiant.
The British Library has shared details on the destructive ransomware attack it experienced in October 2023. Although the attack on the national library of the UK occurred five months ago, the Library’s infrastructure won’t be rebuilt until mid-April 2024, and then the full restoration of systems and data can begin.
Google on Tuesday announced that it paid out a total of $10 million through its bug bounty programs in 2023, bringing the total amount awarded by the tech giant for vulnerabilities found in its products since 2010 to $59 million.
The total paid out in 2023 is less than the $12 million handed out in 2022, but it’s still a significant amount. The money was earned last year by 632 researchers from 68 countries. The highest single reward was $113,337.
The exploitation of a high-severity Kubernetes vulnerability can lead to arbitrary code execution with System privileges on all Windows endpoints in a cluster, Akamai warns.
The issue, tracked as CVE-2023-5528 and impacting default Kubernetes installations, exists in the way the open source container orchestration system processes YAML files, which it uses for virtually every function.
In some regards, the vulnerability is like CVE-2023-3676, a lack of sanitization in the subPath parameter in YAML files leading to code injection when creating pods with volumes.
Lending firm LoanDepot said the personal information of 16.9 million individuals was stolen in a ransomware attack in early January 2024.
QNAP has released patches for a dozen vulnerabilities in its products, including several high-severity flaws.
he Donald W. Wyatt Detention Facility says the data of 2,000 inmates, staff, and vendors was stolen in a cyberattack.
UK-based cybersecurity firm Sophos this week announced patches for an exploited vulnerability in Firewall versions that have reached End-of-Life (EOL).
The critical-severity flaw, tracked as CVE-2022-3236, was found to impact versions 19.0 MR1 (19.0.1) and older of the product. It was originally patched in September 2022, but only in supported versions of Sophos Firewall.
Sophos describes the security defect as a code injection issue in the Firewall’s User Portal and Webadmin components, allowing attackers to achieve remote code execution (RCE).
CVE-2023-47246, a zero-day vulnerability in SysAid IT service management software has been exploited by Cl0p ransomware affiliates.
Supermicro has released BMC IPMI firmware updates to address multiple vulnerabilities impacting select motherboard models.
GPUs from AMD, Apple, Arm, Intel, Nvidia and Qualcomm are vulnerable to a new type of side-channel attack named GPU.zip.
