What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-07-23 07:20:53 | IBM Verify Gateway vulnerability allowed remote attackers to brute-force their way in (lien direct) | The severe bug could be harnessed for brute-force attacks. | Vulnerability | ||
|
2020-07-22 22:53:31 | Google\'s Project Zero team won\'t be applying for Apple\'s SRD program (lien direct) | Other security researchers have expressed similar intentions to skip the Apple SRD program after the program rules give Apple full control of the vulnerability disclosure process. | Vulnerability | ||
|
2020-07-16 21:18:55 | DHS CISA tells government agencies to patch Windows Server DNS bug within 24h (lien direct) | CISA cites "likelihood of the vulnerability being exploited" and widespread use of Windows Server as primary reason for today's rare measure. | Vulnerability | ||
|
2020-07-14 17:43:00 | SigRed: A 17-year-old \'wormable\' vulnerability for hijacking Microsoft Windows Server (lien direct) | The vulnerability, fixed in Microsoft's Patch Tuesday, has been awarded a severity rating of 10.0. | Vulnerability | ||
|
2020-07-10 07:08:38 | KingComposer patches XSS flaw impacting 100,000 WordPress websites (lien direct) | The vulnerability could be exploited to execute malicious payloads in visitor browsers. | Vulnerability | ||
|
2020-07-09 18:00:00 | Zoom working on patching zero-day disclosed in Windows client (lien direct) | Security firm has disclosed today a zero-day vulnerability in Zoom's Windows client. | Vulnerability Patching | ||
|
2020-07-09 02:42:47 | Nvidia fixes code execution vulnerability in GeForce Experience (lien direct) | Security updates have also been released for the JetPack software development kit. | Vulnerability | ||
|
2020-07-08 17:16:14 | Google open-sources Tsunami vulnerability scanner (lien direct) | Google says Tsunami is an extensible network scanner for detecting high-severity vulnerabilities with as little false-positives as possible. | Vulnerability | ||
|
2020-07-03 19:44:00 | F5 patches vulnerability that received a CVSS 10 severity score (lien direct) | Remote code execution in F5 BIG-IP devices exposes governments, cloud providers, ISPs, banks, and many Fortune 500 companies to possible intrusions. | Vulnerability | ||
|
2020-06-09 19:27:00 | New CrossTalk attack impacts Intel\'s mobile, desktop, and server CPUs (lien direct) | Academics detail a new vulnerability named CrossTalk that can be used to leak data across Intel CPU cores. | Vulnerability | ★★★ | |
|
2020-06-08 19:51:00 | CallStranger vulnerability lets attacks bypass security systems and scan LANs (lien direct) | The CallStranger vulnerability can also be used to launch major DDoS attacks. | Vulnerability | ★★★★★ | |
|
2020-06-02 05:00:08 | VMware Cloud Director vulnerability could lead to hijack of enterprise server infrastructure (lien direct) | The security flaw handed over the keys to enterprise infrastructure. | Vulnerability | ||
|
2020-05-25 14:33:16 | Thousands of enterprise systems infected by new Blue Mockingbird malware gang (lien direct) | Hackers are exploiting a dangerous and hard to patch vulnerability to go after enterprise servers. | Malware Vulnerability | ||
|
2020-05-22 12:21:19 | Privilege escalation vulnerability patched in Docker Desktop for Windows (lien direct) | The security flaw could be used to trick the service into connecting to malicious processes. | Vulnerability | ||
|
2020-05-19 21:23:00 | NXNSAttack technique can be abused for large-scale DDoS attacks (lien direct) | New vulnerability in DNS server software can be leveraged for DDoS attacks with an 1620x amplification factor. | Vulnerability | ||
|
2020-05-19 04:20:06 | FBI warns about attacks on Magento online stores via old plugin vulnerability (lien direct) | FBI says hackers have been planting card skimmers on online stores by exploiting a 2017 bug in the MAGMI plugin. | Vulnerability | ★★ | |
|
2020-05-13 17:31:09 | PrintDemon vulnerability impacts all Windows versions (lien direct) | PrintDemon vulnerability impacts Windows versions released as far back as 1996. Patches available. | Vulnerability | ||
|
2020-05-06 18:35:00 | Samsung patches 0-click vulnerability impacting all smartphones sold since 2014 (lien direct) | Samsung patched this month a critical bug discovered by Google security researchers. | Vulnerability | ||
|
2020-05-06 12:56:55 | Search provider Algolia discloses security incident due to Salt vulnerability (lien direct) | Algolia now joins the ranks of LineageOS, Ghost, Digicert, and Xen Orchestra. | Vulnerability | ||
|
2020-05-03 17:46:00 | Ghost blogging platform servers hacked and infected with crypto-miner (lien direct) | Ghost platform got hacked via the same vulnerability that allowed hackers to breach LineageOS servers hours before. | Vulnerability | ||
|
2020-05-03 09:25:15 | Hackers breach LineageOS servers via unpatched vulnerability (lien direct) | LineageOS source code, OS builds, and signing keys were unaffected, developers said. | Vulnerability | ||
|
2020-05-01 10:22:09 | Ninja Forms WordPress bug exposed over a million users to XSS attacks, website hijacking (lien direct) | The severe XSS vulnerability permitted site takeover and visitor browser redirection to malicious websites. | Vulnerability | ||
|
2020-04-15 13:03:42 | Rapid7 launches AttackerKB, a service for crowdsourcing vulnerability assessments (lien direct) | AttackerKB portal enters public beta. | Vulnerability | ||
|
2020-04-09 13:00:04 | Bugcrowd vulnerability bounty platform snags $30 million in fresh funding round (lien direct) | The Series D round capitalizes on enterprise booking growth of 100%. | Vulnerability | ||
|
2020-03-19 13:34:41 | Cisco tackles root privilege vulnerability in SD-WAN software (lien direct) | Three vulnerabilities have been patched in SD-WAN, two of which can lead to root privilege escalation. | Vulnerability Guideline | ||
|
2020-03-18 11:50:05 | VMware patches privilege escalation vulnerability in Fusion, Horizon (lien direct) | Exploits to root systems with Fusion, VMRC or Horizon Client installations were possible. | Vulnerability | ||
|
2020-03-16 10:12:27 | Slack fixes vulnerability exploitable for session hijacking, account takeovers (lien direct) | Slack's team jumped on the critical bug and patched the flaw within a matter of hours. | Vulnerability | ||
|
2020-03-11 20:25:06 | Avast disables JavaScript engine in its antivirus following major bug (lien direct) | Vulnerability would have allowed attackers to take over computers running the Avast antivirus. | Vulnerability | ||
|
2020-03-10 20:58:00 | Details about new SMB wormable bug leak in Microsoft Patch Tuesday snafu (lien direct) | SMB vulnerability is currently not patched, but now everyone knows it's there. | Vulnerability | ||
|
2020-03-10 13:59:50 | Avast AntiTrack certificate bug allowed others to snoop on your online activities (lien direct) | The vulnerability opened up PCs to browser hijacking and more. | Vulnerability | ||
|
2020-02-28 14:34:00 | Ghostcat bug impacts all Apache Tomcat versions released in the last 13 years (lien direct) | Ghostcat vulnerability can allow hackers to read configuration files or plant backdoors on Tomcat servers. | Vulnerability | ||
|
2020-02-27 13:20:06 | Cisco patches incoming to address Kr00k vulnerability impacting routers, firewall products (lien direct) | There are no workarounds for the Wi-Fi communications bug. | Vulnerability | ||
|
2020-02-26 15:00:07 | New Kr00k vulnerability lets attackers decrypt WiFi packets (lien direct) | Kr00k affects devices using Broadcom and Cypress Wi-Fi chips. | Vulnerability | ★★★★★ | |
|
2020-02-24 10:00:27 | LTE security flaw can be abused to take out subscriptions at your expense (lien direct) | Researchers say the vulnerability impacts “virtually all” smartphones on the market. | Vulnerability | ||
|
2020-02-16 01:39:27 | IOTA cryptocurrency shuts down entire network after wallet hack (lien direct) | Hackers exploit vulnerability in official IOTA wallet to steal millions | Hack Vulnerability | ||
|
2020-02-14 10:27:00 | Nedbank says 1.7 million customers impacted by breach at third-party provider (lien direct) | Hacker(s) believed to have exploited a vulnerability to breach Nedbank's marketing contractor. | Vulnerability | ||
|
2020-02-13 14:08:27 | Critical XSS vulnerability patched in WordPress plugin GDPR Cookie Consent (lien direct) | The plugin is actively installed on over 700,000 websites. | Vulnerability | ||
|
2020-02-02 18:48:00 | Hackers are hijacking smart building access systems to launch DDoS attacks (lien direct) | More than 2,300 building access systems can be hijacked due to a severe vulnerability left without a fix. | Vulnerability | ||
|
2020-01-24 11:58:50 | Citrix releases new patches to plug critical server vulnerability (lien direct) | Additional versions of Citrix ADC and Citrix Gateway can now be protected against the severe security issue. | Vulnerability | ||
|
2020-01-20 07:58:00 | Citrix rolls out patches for critical ADC vulnerability exploited in the wild (lien direct) | Citrix is racing to develop patches for software builds vulnerable to the severe bug. | Vulnerability | ||
|
2020-01-17 13:10:22 | WordPress plugin vulnerability can be exploited for total website takeover (lien direct) | The “easily exploitable” bug in WP Database Reset has serious consequences for webmasters. | Vulnerability | APT 19 | |
|
2020-01-16 21:22:01 | FBI: Nation-state actors have breached two US municipalities (lien direct) | The SharePoint CVE-2019-0604 vulnerability has been one of the most targeted security flaw | Vulnerability | ||
|
2020-01-14 20:48:33 | Microsoft January 2020 Patch Tuesday fixes 49 security bugs (lien direct) | Today's patches also fix a major vulnerability in Windows' cryptographic library. | Vulnerability | ||
|
2020-01-10 18:21:35 | Hundreds of millions of cable modems are vulnerable to new Cable Haunt vulnerability (lien direct) | Cable modems using Broadcom chips are vulnerable to a new vulnerability named Cable Haunt, researchers say. | Vulnerability | ||
|
2020-01-09 14:52:01 | Hackers probe Citrix servers for weakness to remote code execution vulnerability (lien direct) | At least 80,000 organizations could be at risk. | Vulnerability | ||
|
2019-12-05 22:20:00 | New vulnerability lets attackers sniff or hijack VPN connections (lien direct) | OpenVPN, WireGuard, and IKEv2/IPSec VPNs are vulnerable to attacks. | Vulnerability | ★★★★★ | |
|
2019-12-05 12:22:36 | HackerOne awards $20,000 bug bounty for private data access vulnerability on its own platform (lien direct) | An analyst and a cut-and-paste job resulted in a critical security problem. | Vulnerability | ★★★ | |
|
2019-11-27 20:58:00 | Adobe discloses security breach impacting Magento Marketplace users (lien direct) | Security breach was detected last week and traced back to a vulnerability in the Magento Marketplace website. | Vulnerability | ||
|
2019-11-22 21:17:36 | Smartphone maker OnePlus discloses data breach (lien direct) | Hackers accessed some OnePlus customer data through a vulnerability in the vendor's website. | Data Breach Vulnerability | ||
|
2019-11-18 11:18:02 | Google patches \'awesome\' XSS vulnerability in Gmail dynamic email feature (lien direct) | The bug bounty hunter who disclosed the issue says the bug is a prime example of DOM Clobbering. | Vulnerability | ★★★★ |
To see everything:
Our RSS (filtrered)
