Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2024-07-17 19:47:38 |
Vulnerability in Cisco Smart Software Manager lets attackers change any user password (direct link) |
Yep, passwords for administrators can be changed, too. |
Vulnerability
|
|
★★★
|
|
2024-05-06 20:35:29 |
Novel attack against virtually all VPN apps neuters their entire purpose (direct link) |
TunnelVision vulnerability has existed since 2002 and may already be known to attackers. |
Vulnerability
|
|
★★★
|
|
2024-04-22 20:36:56 |
Windows vulnerability reported by the NSA exploited to install Russian malware (direct link) |
Microsoft didn't disclose the in-the-wild exploits by Kremlin-backed group until now. |
Malware
Vulnerability
|
|
★★
|
|
2023-10-19 21:56:32 |
The latest high-severity Citrix vulnerability under attack isn't easy to fix (direct link) |
If you run a Netscaler ADC or Gateway, assume it's compromised and take action ... fast. |
Vulnerability
|
|
★★
|
|
2023-03-17 20:26:26 |
Google tells users of some Android phones: Nuke voice calling to avoid infection (direct link) |
If your device runs Exynos chips, be very, very concerned. |
Vulnerability
|
|
★★★
|
|
2022-07-20 21:15:25 |
Pro-Russia hack campaigns are running rampant in Ukraine (direct link) |
Hacks also exploit critical Follina vulnerability and phishing campaigns. |
Hack
Vulnerability
|
|
|
|
2022-06-07 01:02:11 |
Microsoft won't say if it will patch critical Windows vulnerability under exploit (direct link) |
Slow to act on the code execution bug from the start, company is still in no hurry. |
Vulnerability
|
|
|
|
2022-06-03 23:41:13 |
Critical Atlassian 0-day is under active exploit. You're patched, right? (direct link) |
Researchers who found vulnerability warn it's “dangerous and trivially exploited.” |
Vulnerability
|
|
|
|
2022-05-12 20:51:07 |
Zyxel silently patches command injection vulnerability with 9.8 severity rating (direct link) |
Flaw makes it possible to install web shell to maintain control of affected devices. |
Vulnerability
|
|
★★★
|
|
2022-04-22 21:53:59 |
Hackers hammer SpringShell vulnerability in attempt to install cryptominers (direct link) |
Thousands of hack attempts made in the days following discovery of the vulnerability. |
Hack
Vulnerability
|
|
★★★★
|
|
2022-03-24 21:20:52 |
North Korean hackers unleashed Chrome 0-day exploit on hundreds of US targets (direct link) |
Critical vulnerability exploited by 2 groups both working for North Korean government. |
Vulnerability
|
|
|
|
2022-03-15 21:10:01 |
Researcher uses Dirty Pipe exploit to fully root a Pixel 6 Pro and Samsung S22 (direct link) |
It was bound to happen. Worst Linux vulnerability in 6 years fells two popular handsets. |
Vulnerability
|
|
|
|
2022-03-08 02:39:43 |
Linux has been bitten by its most high-severity vulnerability in years (direct link) |
Dirty Pipe has the potential to smudge people using Linux and Linux derivatives. |
Vulnerability
|
|
|
|
2022-02-18 21:08:00 |
Millions of WordPress sites get forced update to patch critical plugin flaw (direct link) |
UpdraftPlus vulnerability allows untrusted visitors to download a full database backup. |
Vulnerability
|
|
|
|
2021-11-11 13:30:27 |
Researchers wait 12 months to report vulnerability with 9.8 out of 10 severity rating (direct link) |
Palo Alto Networks patches critical buffer overflow bug in its GlobalProtect VPN. |
Vulnerability
|
|
|
|
2021-10-29 16:57:35 |
Microsoft reports SIP-bypassing “Shrootless” vulnerability in macOS (direct link) |
Exploit based on SIP entitlement inheritance was patched by Apple on October 26. |
Vulnerability
|
|
|
|
2021-09-22 12:27:01 |
Unpatched macOS vulnerability lets remote attackers execute code (direct link) |
Internet shortcuts come with code execution capability. Latest Mac not fully patched. |
Vulnerability
|
|
|
|
2021-09-14 15:00:02 |
Security researchers at Wiz discover another major Azure vulnerability (direct link) |
A little-known management service handed unauthenticated attackers root access. |
Vulnerability
|
|
|
|
2021-09-02 14:20:39 |
NPM package with 3 million weekly downloads had a severe vulnerability (direct link) |
Untrusted JavaScript config file can execute arbitrary code. |
Vulnerability
|
|
|
|
2021-08-27 21:00:37 |
“Worst cloud vulnerability you can imagine” discovered in Microsoft Azure (direct link) |
30% of Cosmos DB customers were notified; more are likely impacted. |
Vulnerability
|
|
|
|
2021-07-26 20:54:02 |
iOS 14.7.1 and macOS 11.5.1 arrive with one bug fix and one security fix (direct link) |
iOS 14.7.1 is a small update that fixes a security vulnerability and a Watch bug. |
Vulnerability
|
|
|
|
2021-07-07 22:10:37 |
Microsoft's emergency patch fails to fix critical “PrintNightmare” vulnerability (direct link) |
Game-over code-execution attacks are still possible even after fix is installed. |
Vulnerability
|
|
|
|
2021-05-24 22:52:07 |
Actively exploited macOS 0day let hackers take screenshots of infected Macs (direct link) |
Apple patches vulnerability that malware used to bypass macOS privacy protections. |
Malware
Vulnerability
|
|
|
|
2021-04-30 22:00:57 |
More US agencies potentially hacked, this time with Pulse Secure exploits (direct link) |
Zeroday vulnerability under attack has a severity rating of 10 out of 10. |
Vulnerability
|
|
|
|
2021-04-27 11:49:29 |
Actively exploited Mac 0-day neutered core OS security defenses (direct link) |
Apple fixes macOS vulnerability hackers exploited to suppress security warnings. |
Vulnerability
|
|
|
|
2021-04-07 22:15:38 |
How a VPN vulnerability allowed ransomware to disrupt two manufacturing plants (direct link) |
Patching in industrial settings is hard. Ransomware shutting down production is harder. |
Ransomware
Patching
Vulnerability
|
|
|
|
2021-03-19 23:29:05 |
Hackers are exploiting a server vulnerability with a severity of 9.8 out of 10 (direct link) |
As if the mass-exploitation of Exchange servers wasn't enough, now there's BIG-IP. |
Vulnerability
|
|
|
|
2021-02-26 21:37:13 |
Hard-coded key vulnerability in Logix PLCs has severity score of 10 out of 10 (direct link) |
Critical authentication bypass flaw affects the entire Logix product line. |
Vulnerability
|
|
|
|
2021-02-13 12:10:41 |
(Déjà vu) A Windows Defender vulnerability lurked undetected for 12 years (direct link) |
Microsoft patched the bug in its A/V program after researchers spotted it last fall. |
Vulnerability
|
|
|