Security Archives - Page 60 of 519

Pierluigi Paganini August 16, 2024

Millions of Pixel devices can be hacked due to a pre-installed vulnerable app

Many Google Pixel devices shipped since September 2017 have included a vulnerable app that could be exploited for malicious purposes. Many Google Pixel devices shipped since September 2017 have included dormant software that could be exploited by attackers to compromise them. Researchers form mobile security firm iVerify reported that the issue stems from a pre-installed […]

Pierluigi Paganini August 16, 2024

Microsoft urges customers to fix zero-click Windows RCE in the TCP/IP stack

Microsoft addressed a critical zero-click Windows remote code execution (RCE) in the TCP/IP stack that impacts all systems with IPv6 enabled. Microsoft urges customers to fix a critical TCP/IP remote code execution (RCE) flaw, tracked as CVE-2024-38063 (CVSS score 9.8), in the TCP/IP stack. The vulnerability impacts all systems with IPv6 enabled (IPv6 is enabled by […]

Pierluigi Paganini August 15, 2024

Google disrupted hacking campaigns carried out by Iran-linked APT42

Google disrupted a hacking campaign carried out by the Iran-linked APT group APT42 targeting the US presidential election. Google announced that it disrupted a hacking campaign carried out by Iran-linked group APT42 (Calanque, UNC788) that targeted the personal email accounts of individuals associated with the US elections. APT42 focuses on highly targeted spear-phishing and social […]

Pierluigi Paganini August 14, 2024

SolarWinds addressed a critical RCE in all Web Help Desk versions

SolarWinds addressed a critical remote code execution vulnerability in its Web Help Desk solution for customer support. SolarWinds fixed a critical vulnerability, tracked as CVE-2024-28986 (CVSS score 9.8), in SolarWinds’ Web Help Desk solution for customer support. The flaw is a Java deserialization issue that an attacker can exploit to run commands on a vulnerable host leading to […]

Pierluigi Paganini August 14, 2024

Kootenai Health data breach impacted 464,000 patients

Kootenai Health suffered a data breach impacting over 464,000 patients following a 3AM ransomware attack. Kootenai Health disclosed a data breach impacting over 464,088 patients following the leak of their personal information by the ThreeAM (3AM) ransomware gang. Kootenai Health is a healthcare organization based in Coeur d’Alene, Idaho. It is a regional medical center […]

Pierluigi Paganini August 14, 2024

Microsoft Patch Tuesday security updates for August 2024 addressed six actively exploited bugs

Microsoft’s August 2024 Patch Tuesday addressed 90 vulnerabilities, including six that are actively exploited. Patch Tuesday security updates for August 2024 addressed 90 vulnerabilities in Microsoft products including Windows and Windows Components; Office and Office Components; .NET and Visual Studio; Azure; Co-Pilot; Microsoft Dynamics; Teams; and Secure Boot and others, bringing the total to 102 […]

Pierluigi Paganini August 13, 2024

Elon Musk claims that a DDoS attack caused problems with the livestream interview with Donald Trump

Elon Musk claims that the livestream interview with Donald Trump on the X social media platform was impacted by a cyberattack. Elon Musk claims that a massive DDoS attack caused problems with the announced interview with Donald Trump on the X platform Monday night. “There appears to be a massive DDOS attack on 𝕏. Working on shutting […]

Pierluigi Paganini August 12, 2024

A FreeBSD flaw could allow remote code execution, patch it now!

FreeBSD Project maintainers addressed a high-severity flaw in OpenSSH that could allow remote code execution with elevated privileges. The maintainers of the FreeBSD Project have released urgent security updates to address a high-severity flaw, tracked as CVE-2024-7589, (CVSS score of 7.4) in OpenSSH. A remote attacker could exploit the vulnerability to execute arbitrary code with elevated […]

Pierluigi Paganini August 12, 2024

Microsoft found OpenVPN bugs that can be chained to achieve RCE and LPE

Microsoft found four bugs in OpenVPN that could be chained to achieve remote code execution and local privilege escalation. During the Black Hat USA 2024 conference, Microsoft researchers disclosed multiple medium-severity bugs in the open-source project OpenVPN that could be chained to achieve remote code execution (RCE) and local privilege escalation (LPE). OpenVPN is an […]

Pierluigi Paganini August 10, 2024

Sonos smart speakers flaw allowed to eavesdrop on users

NCC Group discovered vulnerabilities in Sonos smart speakers, including a flaw that could have allowed to eavesdrop on users. Researchers from NCC Group have discovered multiple vulnerabilities in Sonos smart speakers, including a flaw, tracked as CVE-2023-50809, that could have allowed eavesdropping on users. The researchers have disclosed the vulnerabilities during the BLACK HAT USA […]

Security

Millions of Pixel devices can be hacked due to a pre-installed vulnerable app

Microsoft urges customers to fix zero-click Windows RCE in the TCP/IP stack

Google disrupted hacking campaigns carried out by Iran-linked APT42

SolarWinds addressed a critical RCE in all Web Help Desk versions

Kootenai Health data breach impacted 464,000 patients

Microsoft Patch Tuesday security updates for August 2024 addressed six actively exploited bugs

Elon Musk claims that a DDoS attack caused problems with the livestream interview with Donald Trump

A FreeBSD flaw could allow remote code execution, patch it now!

Microsoft found OpenVPN bugs that can be chained to achieve RCE and LPE

Sonos smart speakers flaw allowed to eavesdrop on users

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Koske, a new AI-Generated Linux malware appears in the threat landscape

Mitel patches critical MiVoice MX-ONE Auth bypass flaw

Coyote malware is first-ever malware abusing Windows UI Automation

SonicWall fixed critical flaw in SMA 100 devices exploited in Overstep malware attacks

DSPM & AI Are Booming: $17.87B and $4.8T Markets by 2033

QUICK LINKS

Security

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!