What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2024-06-27 16:33:00 | Une nouvelle vulnérabilité Moveit déclenche des tentatives de piratage.Les entreprises doivent patcher dès que possible A new MOVEit vulnerability is igniting hacking attempts. Companies should patch ASAP (lien direct) |
Des milliers de personnes ont été piratées l'année dernière en raison d'une vulnérabilité différente de Moveit.
Thousands were hacked last year due to a different MOVEit vulnerability. |
Vulnerability | ||
|
2024-05-16 20:34:51 | Tous les grains de fournisseur Linux sont-ils insécurisés?Une nouvelle étude dit oui, mais il y a un correctif Are all Linux vendor kernels insecure? A new study says yes, but there\\'s a fix (lien direct) |
Tous les grains de fournisseurs sont en proie à des vulnérabilités de sécurité, selon un livre blanc CIQ.La communauté Linux acceptera-t-elle jamais les noyaux stables en amont?
All vendor kernels are plagued with security vulnerabilities, according to a CIQ whitepaper. Will the Linux community ever accept upstream stable kernels? |
Vulnerability Studies | ★★★ | |
|
2024-05-16 15:23:29 | Google corrige un autre exploit zéro-jour dans Chrome - et celui-ci affecte également le bord Google patches another zero-day exploit in Chrome - and this one affects Edge too (lien direct) |
Voici ce que les utilisateurs de Chrome et Edge doivent savoir - et faire - maintenant.
Here\'s what Chrome and Edge users need to know - and do - now. |
Vulnerability Threat | ★★ | |
|
2024-05-10 16:17:00 | Mettez à jour votre navigateur Chrome dès que possible.Google a confirmé un jour zéro exploité dans la nature Update your Chrome browser ASAP. Google has confirmed a zero-day exploited in the wild (lien direct) |
Un nouveau trou de sécurité Chrome JavaScript est méchant, alors ne perdez pas de temps à corriger vos systèmes.
A new Chrome JavaScript security hole is nasty, so don\'t waste any time patching your systems. |
Vulnerability Threat Patching | ★★★ | |
|
2024-03-26 18:57:00 | Tout ce que vous devez savoir sur le piratage du serveur d'échange Microsoft Everything you need to know about the Microsoft Exchange Server hack (lien direct) |
Mise à jour: une nouvelle vulnérabilité critique impactant le serveur Exchange est exploitée dans la nature.
Updated: A new critical vulnerability impacting Exchange Server is being exploited in the wild. |
Hack Vulnerability | ★★ | |
|
2022-11-01 21:21:06 | OpenSSL dodges a security bullet (lien direct) | The critical security vulnerability turned out to be two serious vulnerabilities. Still, they need patching ASAP. | Vulnerability Patching | ||
|
2022-04-11 13:00:01 | XSS vulnerability patched in Directus data engine platform (lien direct) | The platform is described as a "flexible powerhouse for engineers." | Vulnerability | ||
|
2022-04-01 10:23:05 | Zyxel urges customers to patch critical firewall bypass vulnerability (lien direct) | The vendor has issued a severity score of 9.8. | Vulnerability | ||
|
2022-03-28 09:57:58 | Sophos patches critical remote code execution vulnerability in Firewall (lien direct) | Sophos Firewall is a network protection solution for the enterprise market. | Vulnerability | ||
|
2022-03-04 10:48:00 | These are the problems that cause headaches for bug bounty hunters (lien direct) | A researcher shares his thoughts on the challenges of responsible vulnerability disclosure. | Vulnerability | ||
|
2022-02-14 09:46:38 | Patch now: Adobe releases emergency fix for exploited Commerce, Magento zero-day (lien direct) | Adobe says the vulnerability is being used in attacks targeting Adobe Commerce users. | Vulnerability | ||
|
2022-02-04 11:41:14 | Operation EmailThief: Zero-day XSS vulnerability in Zimbra email platform revealed (lien direct) | A zero-day bug in the Zimbra email platform is reportedly under attack. | Vulnerability | ||
|
2022-01-26 08:20:19 | UK government security center, i100 publish NMAP scripts for vulnerability scanning (lien direct) | The SME project aims to streamline the detection and remediation of specific bugs. | Vulnerability | ||
|
2022-01-11 12:00:08 | KCodes NetUSB kernel remote code execution flaw impacts millions of devices (lien direct) | The vulnerability is present in software licensed to multiple router vendors. | Vulnerability | ||
|
2021-11-23 07:55:21 | Code execution bug patched in Imunify360 Linux server security suite (lien direct) | The vulnerability could be used to hijack web servers. | Vulnerability | ||
|
2021-10-19 09:25:47 | Twitter accounts linked to cyberattacks against security researchers suspended (lien direct) | North Korean hackers are luring professionals with "zero-day vulnerability hype." | Vulnerability | ||
|
2021-10-06 12:03:29 | (Déjà vu) Apache HTTP Server Project patches exploited zero-day vulnerability (lien direct) | The critical vulnerability is being actively exploited in the wild. | Vulnerability | ||
|
2021-09-14 11:06:46 | HP patches severe OMEN driver privilege escalation vulnerability (lien direct) | The bug can be used to achieve kernel-mode permissions. | Vulnerability | ||
|
2021-08-10 18:12:00 | Microsoft\'s August 2021 Patch Tuesday: 44 flaws fixed, seven critical including Print Spooler vulnerability (lien direct) | The latest Patch Tuesday sees Microsoft release fixes for 44 different vulnerabilities, including the much-discussed Print Spooler flaw. | Vulnerability | ||
|
2021-07-13 11:22:55 | Modipwn: code execution vulnerability discovered in Schneider Electric Modicon PLCs (lien direct) | The security flaw allows attackers to obtain full control over a PLC. | Vulnerability | ★★★ | |
|
2021-06-28 08:28:30 | GitHub bug bounties: payouts surge past $1.5 million mark (lien direct) | GitHub says that 2020 was the “busiest year yet” in vulnerability disclosure. | Vulnerability | ||
|
2021-06-24 10:48:35 | Cybersecurity firms battle DMCA rules over good-faith research (lien direct) | The argument is that current rules are hampering ethical and effective vulnerability reporting. | Vulnerability | ||
|
2021-06-02 12:00:06 | XSS vulnerability found in popular WYSIWYG website editor (lien direct) | The security flaw was found in how HTML sanitizing is performed. | Vulnerability | ||
|
2021-04-28 12:43:42 | Apple patches macOS Gatekeeper bypass vulnerability exploited in the wild (lien direct) | The patch tackles a zero-day bug actively exploited by Shlayer malware. | Vulnerability | ||
|
2021-04-28 10:29:28 | Linux kernel vulnerability exposes stack memory, causes data leaks (lien direct) | The bug could also be used as a conduit for more severe attacks. | Vulnerability | ||
|
2021-04-09 10:15:53 | Critical Zoom vulnerability triggers remote code execution without user input (lien direct) | The researchers who discovered the bug have earned themselves $200,000. | Vulnerability | ||
|
2021-03-24 12:44:00 | SaltStack revises partial patch for command injection, privilege escalation vulnerability (lien direct) | The second fix was reportedly necessary after SaltStack did not participate in coordinated disclosure. | Vulnerability | ||
|
2021-03-23 11:36:21 | Oil giant Shell discloses data breach linked to Accellion FTA vulnerability (lien direct) | The information of stakeholders has been compromised. | Data Breach Vulnerability | ||
|
2021-03-03 12:09:28 | Microsoft account hijack vulnerability earns bug bounty hunter $50,000 (lien direct) | The researcher says he could have abused the bug to hijack Microsoft accounts. | Vulnerability | ||
|
2021-03-03 10:44:18 | Google patches actively exploited Chrome browser zero-day vulnerability (lien direct) | Upgrading your Chrome build as quickly as possible is recommended. | Vulnerability | ||
|
2021-02-22 11:01:46 | Chinese hackers cloned attack tool belonging to NSA\'s Equation Group (lien direct) | The Jian tool was used to exploit a Windows zero-day vulnerability years before a patch was issued. | Tool Vulnerability | ||
|
2021-02-11 10:30:28 | PayPal fixes reflected XSS vulnerability in user wallet currency converter (lien direct) | The currency conversion endpoint was susceptible to attacks. | Vulnerability | ||
|
2021-02-04 13:00:04 | Cisco\'s AppDynamics debuts app performance, vulnerability management software (lien direct) | Cisco says that clients will no longer have to “sacrifice security for velocity.” | Vulnerability | ||
|
2021-02-01 09:51:20 | Libgcrypt developers release urgent update to tackle severe vulnerability (lien direct) | A severe heap buffer issue was found by Google Project Zero's Tavis Ormandy. | Vulnerability | ★★★★★ | |
|
2021-01-21 11:35:25 | Automated exploit of critical SAP SolMan vulnerability detected in the wild (lien direct) | Proof-of-concept exploit code was published last week. | Vulnerability | ★★★★★ | |
|
2020-12-20 23:14:24 | Zero-click iOS zero-day found deployed against Al Jazeera employees (lien direct) | Zero-day exploited a vulnerability in the iMessages app, patched in iOS 14. | Vulnerability | ||
|
2020-12-11 09:27:49 | Critical CSRF vulnerability found on Glassdoor company review platform (lien direct) | The critical flaw impacted both job seeker and employer accounts on the web domain. | Vulnerability | ||
|
2020-12-10 08:01:44 | Remote code execution vulnerability uncovered in Starbucks mobile platform (lien direct) | The researcher's report revealed multiple endpoints vulnerable to the same flaw. | Vulnerability | ||
|
2020-12-08 17:30:00 | GitHub rolls out dependency review, vulnerability alerts for pull requests (lien direct) | The aim is to prevent vulnerable code from being added to dependencies by accident. | Vulnerability | ||
|
2020-12-07 08:07:00 | NSA warns of Russian state-sponsored hackers exploiting VMWare vulnerability (lien direct) | Russian hackers are using a VMWare bug to plant web shells inside hacked networks and pivot to Microsoft ADFS servers from where they steal sensitive data. | Vulnerability | ||
|
2020-12-01 09:00:03 | 2020\'s worst cryptocurrency breaches, thefts, and exit scams (lien direct) | Cryptocurrency exchanges have felt the impact of everything from vulnerability exploit to social engineering scams over this year. | Vulnerability | ||
|
2020-11-25 20:46:28 | Security researcher accidentally discovers Windows 7 and Windows Server 2008 zero-day (lien direct) | The vulnerability was discovered while the security researcher was working on a Windows security tool. | Vulnerability | ||
|
2020-11-20 17:55:35 | Drupal sites vulnerable to double-extension attacks (lien direct) | The 90s called. They want their vulnerability back. | Vulnerability | ||
|
2020-11-02 06:00:03 | CERT/CC launches Twitter bot to give security bugs random names (lien direct) | CERT/CC attempts to reduce the use of sensationalized vulnerability names that needlessly scare software users. | Vulnerability | ★★★★ | |
|
2020-10-19 07:31:46 | Discord desktop app vulnerability chain triggered remote code execution attacks (lien direct) | The critical security issue was reported via the chat app's bug bounty program. | Vulnerability | ||
|
2020-10-05 23:50:39 | Microsoft says Iranian hackers are exploiting the Zerologon vulnerability (lien direct) | Microsoft links back the attacks to an Iranian hacker group known as Mercury, or MuddyWater. | Vulnerability | ||
|
2020-10-05 22:57:40 | Hackers claim they can now jailbreak Apple\'s T2 security chip (lien direct) | Jailbreak involves combining last year's checkm8 exploit with the Blackbird vulnerability disclosed this August. | Vulnerability | ★★★★ | |
|
2020-09-24 07:52:52 | Microsoft says it detected active attacks leveraging Zerologon vulnerability (lien direct) | Zerologon patching window is slowly closing as Microsoft warns of attacks in the wild. | Vulnerability Patching | ||
|
2020-09-22 16:00:03 | Healthcare lags behind in critical vulnerability management, banks hold their ground (lien direct) | New research sheds light on which industries are performing well when it comes to patching high-risk bugs. | Vulnerability Patching | ||
|
2020-09-10 12:28:52 | Secureworks acquires vulnerability management platform Delve (lien direct) | Delve's SaaS solution will join the Secureworks portfolio. | Vulnerability |
To see everything:
