SEC News

What's new arround internet

Last one

Src	Date (GMT)	Titre	Description	Tags	Stories	Notes
	2022-11-29 18:12:00	Oracle Fusion Middleware Vulnerability Actively Exploited in the Wild: CISA (lien direct)	The bug allows unauthenticated attackers with network access to compromise Oracle Access Manager	Vulnerability		★★★★
	2022-11-25 18:00:00	ConnectWise Fixes XSS Vulnerability that Could Lead to Remote Code Execution (lien direct)	Threat actors could exploit the flaw to take complete control of the ConnectWise platform	Vulnerability Threat		★★
	2022-11-25 17:15:00	Google Releases Chrome Patch to Fix New Zero-Day Vulnerability (lien direct)	The high-severity vulnerability refers to a heap buffer overflow in the GPU component	Vulnerability		★★★
	2022-11-25 16:15:00	Remote Code Execution Vulnerability Found in Windows Internet Key Exchange (lien direct)	The discovered vulnerabilities could have been exploited to target almost 1000 systems	Vulnerability
	2022-11-15 17:00:00	Remote Code Execution Discovered in Spotify\'s Backstage (lien direct)	Spotify ranked the vulnerability as critical, with a CVSS score of 9.8	Vulnerability
	2022-11-14 18:00:00	GitHub Now Supports Private Vulnerability Reporting For Public Repositories (lien direct)	The feature needs to be manually enabled by repository maintainers	Vulnerability		★★
	2022-11-10 16:00:00	Majority of Security Managers Lack Threat Intelligence Skills (lien direct)	The report suggests threat intelligence is a crucial source for vulnerability detection	Vulnerability Threat		★★★★
	2022-11-09 18:00:00	High-Risk Vulnerability Found in ABB\'s Flow Computers (lien direct)	Attackers could exploit it by sending a specially crafted message to an affected system node	Vulnerability
	2022-11-03 10:15:00	UK Security Agency to Scan the Country for Bugs (lien direct)	NCSC wants to determine "the vulnerability of the UK"	Vulnerability
	2022-10-25 16:00:00	(Déjà vu) Apple Fixes Actively Exploited iOS and iPadOS Zero-Day Vulnerability (lien direct)	The out-of-bounds write issue in the kernel could be exploited to execute arbitrary code	Vulnerability
	2022-10-18 16:00:00	HelpSystems Patch Falls Short, RCE Vulnerability in Cobalt Strike Remains (lien direct)	Certain components in Java Swing will interpret text as HTML content if it starts with	Vulnerability
	2022-10-12 09:20:00	Claroty Found Hardcoded Cryptographic Keys in Siemens PLCs Using RCE (lien direct)	The vulnerability has been assigned a CVE – Siemens has already updated affected systems and published recommendations for mitigating the risk	Vulnerability
	2022-10-04 17:00:00	CISA Directive Improves Asset Visibility, Vulnerability Detection on Federal Networks (lien direct)	It requires some federal agencies to perform automated asset discovery every seven days	Vulnerability
	2022-10-03 15:00:00	Lazarus Group Exploits Dell Driver Vulnerability to Bypass Windows Security (lien direct)	ESET said the vulnerability was exploited at least twice via a specific user-mode module	Vulnerability	APT 38
	2022-09-21 16:00:00	350K Open-Source Projects At Risk of Supply Chain Vulnerability (lien direct)	The flaw resides in the tarfile module, automatically installed in any Python project	Vulnerability
	2022-09-20 17:00:00	Critical Vulnerability in Oracle Cloud Infrastructure Allowed Unauthorized Access (lien direct)	Potential attacks resulting from it may include privilege escalation and cross–tenant access	Vulnerability
	2022-09-02 15:45:00	Google Chrome Vulnerability Lets Sites Quietly Overwrite Clipboard Contents (lien direct)	The bug was discovered by developer Jeff Johnson, who detailed his findings in a blog post	Vulnerability
	2022-09-01 14:50:00	(Déjà vu) Apple Releases Update for iOS 12 to Patch Exploited Vulnerability (lien direct)	The flaw would allow the processing of maliciously crafted web content and arbitrary code execution	Vulnerability
	2022-09-01 08:50:00	Microsoft Finds Account Takeover Bug in TikTok (lien direct)	Vulnerability impacted social media firm's Android app	Vulnerability		★★★★
	2022-08-24 14:30:00	IoT Vulnerability Disclosures Up 57% in Six Months, Claroty Reveals (lien direct)	The research also found that vendor self-disclosures increased by 69%	Vulnerability
	2022-08-23 16:30:00	CISA Adds Palo Alto Networks\' PAN-OS Vulnerability to Catalog (lien direct)	The flaw would allow a network-based unauthenticated threat actor to perform DoS attacks	Vulnerability Threat
	2022-08-19 14:00:00	Apple Warns of Critical Security Risk in Safari For iPhones, iPads and Macs (lien direct)	The vulnerability gave hackers the ability to infiltrate WebKit, the engine that powers Safari	Vulnerability
	2022-08-11 16:30:00	Zimbra RCE Vulnerability Exploited Without Admin Privileges (lien direct)	Over 1,000 ZCS instances around the world were reportedly backdoored and compromised	Vulnerability
	2022-08-04 16:00:00	Hackers Exploit Atlassian Confluence Vulnerability to Deploy New \'Ljl\' Backdoor (lien direct)	The TA likely used RAR and 7zip to archive files and folders from multiple directories	Vulnerability
	2022-08-02 15:00:00	Google Patches Critical Android Bluetooth Flaw in August Security Bulletin (lien direct)	The Bluetooth vulnerability has been patched on Android 10, 11, 12 and 12L	Vulnerability
	2022-07-06 10:00:00	Google Patches Chrome Zero Day Under Attack (lien direct)	Rapid fix for vulnerability being exploited in the wild	Vulnerability
	2022-07-04 08:45:00	HackerOne Insider Defrauded Customers (lien direct)	Former employee re-submitted vulnerability data for personal gain	Vulnerability
	2022-06-29 16:30:00	New UnRAR Vulnerability Could Lead to Zimbra Webmail Hack (lien direct)	Successful exploitation would give an attacker access to all emails on a compromised server	Hack Vulnerability
	2022-06-29 16:00:00	Amazon Fixes High Severity Vulnerability in Amazon Photos Android App (lien direct)	The vulnerability derived from a misconfiguration of one of the Photos app's components	Vulnerability
	2022-06-17 16:00:00	WordPress Updates More Than a Million Sites to Fix Critical Ninja Forms Vulnerability (lien direct)	The code injection vulnerability allowed attackers to call methods in various Ninja Forms classes	Vulnerability
	2022-06-06 16:00:00	Critical Vulnerability Found in Motorola\'s Unisoc Chips (lien direct)	Checkpoint Research spotted a critical vulnerability in Unisoc Tiger T700 chips in three Motorola models	Vulnerability
	2022-04-06 09:00:00	Almost a Fifth of Global Firms Targeted with Spring4Shell (lien direct)	New vulnerability exploited most widely in Europe	Vulnerability
	2022-03-31 08:45:00	No Patch Available Yet for Critical SpringShell Bug (lien direct)	Vulnerability has echoes of infamous Struts and Log4Shell vulnerabilities	Vulnerability		★★★
	2022-03-03 17:00:00	Most Disclosed ICS Vulnerabilities are Low Complexity (lien direct)	Past four years sees surge in ICS vulnerability disclosures with most vulnerabilities of low complexity	Vulnerability
	2022-02-24 10:00:00	Vishing Makes Phishing Campaigns Three-Times More Successful (lien direct)	However, vulnerability exploitation remained a major threat in 2021	Vulnerability Threat
	2022-02-18 09:25:00	High Severity WordPress Plugin Bug Hits Three Million (lien direct)	Vulnerability could enable threat actors to access backups	Vulnerability Threat		★★★★
	2022-02-07 09:34:00	Crypto Firm Meter Loses $4.4m in Cyber-Heist (lien direct)	Attacker exploited vulnerability in bridging technology	Vulnerability
	2022-02-04 18:30:00	Major Vulnerability Found in Argo CD (lien direct)	Malicious Kubernetes Helm Charts can be exploited to steal sensitive data	Vulnerability	Uber
	2022-02-03 09:06:00	Online Thieves Steal $320m from Crypto Firm Wormhole (lien direct)	Attackers exploited a vulnerability to harvest 120K Ethereum	Vulnerability
	2022-01-27 17:00:00	Hacker Flags Flaw in Swiss Railway System (lien direct)	Vulnerability exposed personal data of 500k commuters	Vulnerability
	2022-01-26 10:45:00	Experts Reveals 29% Surge in Bugs Used by Ransomware Actors (lien direct)	Vulnerability exploitation increasingly popular way to compromise victims	Ransomware Vulnerability		★★★★★
	2022-01-14 17:42:00	Flaw Found in Biometric ID Devices (lien direct)	Vulnerability in access control devices allows attackers to unlock doors and enter protected areas	Vulnerability
	2022-01-14 10:10:00	AWS Patches Glue Bug That Put Customer Data at Risk (lien direct)	Superglue vulnerability was enabled by internal misconfiguration	Vulnerability
	2022-01-07 09:26:00	Researchers Warn of New Log4Shell-Like Java Vulnerability (lien direct)	RCE bug found in popular H2 database console	Vulnerability
	2021-12-14 11:05:00	Experts: Log4j Bug Could Be Exploited for “Years” (lien direct)	Vulnerability could remain stubbornly difficult to find and patch	Vulnerability
	2021-12-13 09:15:00	“Worst-Case Scenario” Log4j Exploit Travels the Globe (lien direct)	Log4j vulnerability affects huge sweep of applications and vendors	Vulnerability
	2021-12-09 10:30:00	NVD: It\'s Another Record Year for Vulnerabilities (lien direct)	Fifth year in a row for record number of bugs published to National Vulnerability Database	Vulnerability
	2021-11-19 20:04:00	Sky Slow to Fix Bug in Routers (lien direct)	Entertainment company repeatedly pushed back updates after being notified of serious vulnerability	Vulnerability
	2021-10-25 08:36:00	BlackMatter Bug Saved Victims Millions in Ransom Payments (lien direct)	Emsisoft claims to have vulnerability info on over 10 other variants	Vulnerability
	2021-10-15 08:11:00	Missouri Governor Slammed for Vow to Prosecute Researcher (lien direct)	Reporter responsibly disclosed vulnerability in education website	Vulnerability

Last update at: 2024-05-20 15:08:05
See our sources.

To see everything: Our RSS (filtrered)