Security Archives - Page 68 of 519

Pierluigi Paganini June 20, 2024

Atlassian fixed six high-severity bugs in Confluence Data Center and Server

Australian software company Atlassian addressed multiple high-severity vulnerabilities in its Confluence, Crucible, and Jira solutions. Atlassian June 2024 Security Bulletin addressed nine high-severity vulnerabilities in Confluence, Crucible, and Jira products. The most severe issue addressed by the company is an improper authorization org.springframework.security:spring-security-core dependency in Confluence Data Center and Server. The flaw tracked as CVE-2024-22257 […]

Pierluigi Paganini June 19, 2024

Google Chrome 126 update addresses multiple high-severity flaws

Google released Chrome 126 update that addresses a high-severity vulnerability demonstrated at the TyphoonPWN 2024 hacking competition. Google has issued a Chrome 126 security update, addressing six vulnerabilities, including a flaw, tracked as CVE-2024-6100 which was demonstrated during the SSD Secure Disclosure’s TyphoonPWN 2024. TyphoonPWN is a live hacking competition held annually at TyphoonCon, an […]

Pierluigi Paganini June 18, 2024

VMware fixed RCE and privilege escalation bugs in vCenter Server

VMware addressed vCenter Server vulnerabilities that can allow remote code execution or privilege escalation. VMware addressed multiple vCenter Server vulnerabilities that remote attackers can exploit to achieve remote code execution or privilege escalation. vCenter Server is a centralized management platform developed by VMware for managing virtualized environments. The vCenter Server contains multiple heap-overflow flaws, tracked […]

Pierluigi Paganini June 18, 2024

Meta delays training its AI using public content shared by EU users

Meta announced it is postponing the training of its large language models using public content from adult Facebook and Instagram users in the EU. Meta announced it is delaying the training of its large language models (LLMs) using public content shared by adults on Facebook and Instagram following the Irish Data Protection Commission (DPC) request. […]

Pierluigi Paganini June 17, 2024

Online job offers, the reshipping and money mule scams

Offers that promise easy earnings can also bring with them a host of scams that deceive those who are genuinely seeking income opportunities. Often, behind these enticing offers are pyramid schemes in which profits are generated through the recruitment of new participants, rather than through actual service, sometimes even causing significant financial losses. Other false […]

Pierluigi Paganini June 16, 2024

ASUS fixed critical remote authentication bypass bug in several routers

Taiwanese manufacturer giant ASUS addressed a critical remote authentication bypass vulnerability impacting several router models. ASUS addresses a critical remote authentication bypass vulnerability, tracked as CVE-2024-3080 (CVSS v3.1 score: 9.8), impacting seven router models. The flaw is an authentication bypass issue that a remote attacker can exploit to log into the device without authentication. The flaw impacts […]

Pierluigi Paganini June 14, 2024

CISA adds Android Pixel, Microsoft Windows, Progress Telerik Report Server bugs to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Android Pixel, Microsoft Windows, Progress Telerik Report Server bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: CVE-2024-32896 is an elevation of privilege vulnerability in the Pixel Firmware, which has been […]

Pierluigi Paganini June 14, 2024

City of Cleveland still working to fully restore systems impacted by a cyber attack

Early this week, the City of Cleveland suffered a cyber attack that impacted multiple services. The City is working to restore impacted systems. On Monday, the City of Cleveland announced it was the victim of a cyber attack and was forced to take some of its systems offline to contain the threat. The City is […]

Pierluigi Paganini June 13, 2024

Google fixed an actively exploited zero-day in the Pixel Firmware

Google is warning of a security vulnerability impacting its Pixel Firmware that has been actively exploited in the wild as a zero-day. Google warned of an elevation of privilege vulnerability, tracked as CVE-2024-32896, in the Pixel Firmware, which has been exploited in the wild as a zero-day. “There are indications that CVE-2024-32896 may be under limited, […]

Pierluigi Paganini June 13, 2024

Multiple flaws in Fortinet FortiOS fixed

Fortinet released security updates to address multiple vulnerabilities in FortiOS, including a high-severity code execution security issue. Fortinet addressed multiple vulnerabilities in FortiOS and other products, including some code execution flaws. The company states that multiple stack-based buffer overflow vulnerabilities in the command line interpreter of FortiOS [CWE-121], collectively tracked as CVE-2024-23110 (CVSS score of […]

Security

Atlassian fixed six high-severity bugs in Confluence Data Center and Server

Google Chrome 126 update addresses multiple high-severity flaws

VMware fixed RCE and privilege escalation bugs in vCenter Server

Meta delays training its AI using public content shared by EU users

Online job offers, the reshipping and money mule scams

ASUS fixed critical remote authentication bypass bug in several routers

CISA adds Android Pixel, Microsoft Windows, Progress Telerik Report Server bugs to its Known Exploited Vulnerabilities catalog

City of Cleveland still working to fully restore systems impacted by a cyber attack

Google fixed an actively exploited zero-day in the Pixel Firmware

Multiple flaws in Fortinet FortiOS fixed

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Coyote malware is first-ever malware abusing Windows UI Automation

SonicWall fixed critical flaw in SMA 100 devices exploited in Overstep malware attacks

DSPM & AI Are Booming: $17.87B and $4.8T Markets by 2033

Stealth backdoor found in WordPress mu-Plugins folder

U.S. CISA adds CrushFTP, Google Chromium, and SysAid flaws to its Known Exploited Vulnerabilities catalog

QUICK LINKS

Security

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!