Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
 |
2025-05-06 20:26:35 |
'Easily Exploitable' Langflow Vulnerability Requires Immediate Patching (direct link) |
The vulnerability, which has a CVSS score of 9.8, is under attack and allows threat actors to remotely execute arbitrary commands on servers running the agentic AI builder. |
Vulnerability
Threat
Patching
|
|
★★★
|
 |
2024-12-19 17:46:16 |
Orgs Scramble to Fix Actively Exploited Bug in Apache Struts 2 (direct link) |
A newly discovered vulnerability, CVE-2024-53677, in the aging Apache framework is going to cause major headaches for IT teams, since patching isn't enough to fix it. |
Vulnerability
Patching
|
|
★★
|
 |
2024-12-13 21:56:35 |
Cleo MFT Zero-Day Exploits Are About to Escalate, Analysts Warn (direct link) |
Defenders running the Cleo managed file transfer are urged to be on the lookout for the Cleopatra backdoor and other indicators of an ongoing ransomware campaign, as patching details remain foggy, and no CVE has been issued. |
Ransomware
Vulnerability
Threat
Patching
|
|
★★
|
 |
2024-10-02 13:00:00 |
Manufacturers Rank as Ransomware's Biggest Target (direct link) |
Improvements in cybersecurity and basics like patching aren't keeping pace with the manufacturing sector's rapid growth. |
Ransomware
Patching
|
|
★★★
|
 |
2024-10-01 21:41:35 |
Zimbra RCE Vuln Under Attack Needs Immediate Patching (direct link) |
The bug gives attackers a way to run arbitrary code on affected servers and take control of them. |
Patching
|
|
★★★
|
 |
2024-08-20 19:28:56 |
Critical, Actively Exploited Jenkins RCE Bug Suffers Patch Lag (direct link) |
A 7-month-old bug in an OSS CI/CD server is still being actively exploited, thanks to spotty patching, CISA warns. |
Patching
|
|
★★
|
 |
2024-07-24 18:50:04 |
Cyberattackers Exploit Microsoft SmartScreen Bug in Stealer Campaign (direct link) |
The good news: Only organizations far behind on standard Windows patching have anything to worry about. |
Threat
Patching
|
|
★★★
|
 |
2024-04-18 20:23:46 |
GPT-4 Can Exploit Most Vulns Just by Reading Threat Advisories (direct link) |
Existing AI technology can allow hackers to automate exploits for public vulnerabilities in minutes flat. Very soon, diligent patching will no longer be optional. |
Vulnerability
Threat
Patching
|
|
★★
|
 |
2024-03-28 21:15:17 |
Cisco IOS Bugs Allow Unauthenticated, Remote DoS Attacks (direct link) |
Several Cisco products, including IOS, IOS XE, and AP software, need patching against various high-risk security vulnerabilities. |
Vulnerability
Patching
|
|
★★
|
 |
2024-03-21 05:00:00 |
United Arab Emirates Faces Intensified Cyber-Risk (direct link) |
The UAE leads the Middle East in digital-transformation efforts, but slow patching and legacy technology continue to thwart its security posture. |
Patching
|
|
★★★
|
 |
2024-02-13 16:28:37 |
Ivanti Gets Poor Marks for Cyber Incident Response (direct link) |
Cascading critical CVEs, cyberattacks, and delayed patching are plaguing Ivanti VPNs, and forcing cybersecurity teams to scramble for solutions. Researchers are unimpressed. |
Patching
|
|
★★★
|
 |
2024-01-19 11:00:00 |
Nigerian Businesses Face Growing Ransomware-as-a-Service Trade (direct link) |
Infosec advocacy group warns that poor patching practices and reliance on cracked software increase risk. |
Patching
|
|
★★★
|
 |
2024-01-16 18:00:00 |
Africa, Middle East Lead Peers in Cybersecurity, But Lag Globally (direct link) |
Both regions score above average compared to similarly sized economies, but investing in updated technologies and patching processes would help cyber resilience globally. |
Patching
|
|
★★
|
 |
2023-12-22 18:00:00 |
Google Releases Eighth Zero-Day Patch of 2023 for Chrome (direct link) |
CVE-2023-7024, exploited in the wild prior to patching, is a Chrome vulnerability that allows remote code execution within the browser's WebRTC component. |
Vulnerability
Threat
Patching
|
|
★★★
|
 |
2023-11-16 22:45:00 |
Dangerous Apache ActiveMQ Exploit Allows Stealthy EDR Bypass (direct link) |
There's no time to waste: For organizations on the fence about patching the critical bug in ActiveMQ, the new proof-of-concept exploit should push them towards action. |
Threat
Patching
|
|
★★
|
 |
2023-11-07 20:40:00 |
CVSS 4.0 Offers Significantly More Patching Context (direct link) |
The latest vulnerability severity scoring system addresses gaps in the previous version; here's how to get the most out of it. |
Vulnerability
Patching
|
|
★★★
|
 |
2023-11-03 21:51:00 |
Critical Atlassian Bug Exploit Now Available; Immediate Patching Needed (direct link) |
In-the-wild exploit activity from dozens of cyberattacker networks is ramping up for the security vulnerability in Confluence, tracked as CVE-2023-22518. |
Vulnerability
Threat
Patching
|
|
★★
|
 |
2023-10-13 17:20:00 |
Microsoft Debuts AI Bug-Bounty Program, Offers $15K (direct link) |
The goal of the program is to uncover critical or important vulnerabilities within the AI-powered Bing program. |
Vulnerability
Patching
|
|
★★★
|
 |
2023-06-23 20:44:00 |
NSA: BlackLotus BootKit Patching Won't Prevent Compromise (direct link) |
It's unclear why the NSA issued in-depth mitigation guidance for the software boot threat now, but orgs should take steps to harden their environments. |
Threat
Patching
|
|
★★
|
 |
2023-05-31 19:00:00 |
What Apple's RSRs Reveal About Mac Patch Management (direct link) |
Apple's Rapid Security Response updates are designed to patch critical security vulnerabilities, but how much good can they do when patching is a weeks-long process? |
Patching
|
|
★★
|
 |
2023-02-06 19:18:00 |
Patching & Passwords Lead the Problem Pack for Cyber-Teams (direct link) |
Despite growing awareness, organizations remain plagued with unpatched vulnerabilities and weaknesses in credential policies. |
Patching
|
|
★★★
|
 |
2023-01-09 20:33:00 |
Rackspace Ransomware Incident Highlights Risks of Relying on Mitigation Alone (direct link) |
Organizations often defer patching because of business disruption fears - but that didn't work out very well for Rackspace's Hosted Exchange service. |
Ransomware
Patching
|
|
★★
|
 |
2022-09-29 23:56:38 |
Aunalytics Launches Security Patching Platform as a Service (direct link) |
Expedited software patching and updating recognized as one of the most important processes to protect against system compromise from cyberattacks. |
Patching
|
|
|
 |
2022-09-15 19:00:00 |
Popular IoT Cameras Need Patching to Fend Off Catastrophic Attacks (direct link) |
Several models of EZVIZ cameras are open to total remote control by cyberattackers, and image exfiltration and decryption. |
Patching
|
|
|
 |
2022-09-01 19:49:52 |
Skyrocketing IoT Bug Disclosures Put Pressure on Security Teams (direct link) |
The expanding Internet of Things ecosystem is seeing a startling rate of vulnerability disclosures, leaving companies with a greater need for visibility into and patching of IoT devices. |
Vulnerability
Patching
|
|
|
 |
2022-07-13 00:33:43 |
Getting Up and Running with Windows Autopatch (direct link) |
This Tech Tip outlines how system administrators can get started with automated continuous patching for their Windows devices and applications. |
Patching
|
|
|
 |
2022-06-24 21:32:18 |
Why We're Getting Vulnerability Management Wrong (direct link) |
Security is wasting time and resources patching low or no risk bugs. In this post, we examine why security practitioners need to rethink vulnerability management. |
Vulnerability
Patching
|
|
|
 |
2020-03-31 13:45:00 |
Patching Poses Security Problems with Move to More Remote Work (direct link) |
Security teams were not ready for the wholesale move to remote work and the sudden expansion of the attack surface area, experts say. |
Patching
|
|
|
 |
2019-12-23 10:00:00 |
20 Vulnerabilities to Prioritize Patching Before 2020 (direct link) |
Researchers list the top 20 vulnerabilities currently exploited by attack groups around the world. |
Patching
|
|
|