Security Archives - Page 69 of 516

Pierluigi Paganini May 15, 2024

Adobe fixed multiple critical flaws in Acrobat and Reader

Adobe addressed multiple code execution vulnerabilities in several products, including Adobe Acrobat and Reader. Adobe addressed multiple code execution vulnerabilities in its products, including Adobe Acrobat and Reader software The software giant released its Patch Tuesday updates to fix 35 security vulnerabilities 12 of these issues impact Adobe Acrobat and Reader software. The arbitrary code execution […]

Pierluigi Paganini May 14, 2024

Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days

Microsoft Patch Tuesday security updates for May 2024 fixed 59 flaws across various products including an actively exploited zero-day. Microsoft Patch Tuesday security updates for May 2024 addressed 59 vulnerabilities in Windows and Windows Components; Office and Office Components; .NET Framework and Visual Studio; Microsoft Dynamics 365; Power BI; DHCP Server; Microsoft Edge (Chromium-based); and […]

Pierluigi Paganini May 14, 2024

MITRE released EMB3D Threat Model for embedded devices

The non-profit technology organization MITRE released the EMB3D threat model for embedded devices used in critical infrastructure. MITRE announced the public release of its EMB3D threat model for embedded devices used in various industries (i.e. Automotive, healthcare, and manufacturing), including critical infrastructure. The threat model provides a knowledge base of cyber threats to embedded devices. […]

Pierluigi Paganini May 14, 2024

Google fixes sixth actively exploited Chrome zero-day this year

Google released emergency security updates to address an actively exploited Chrome zero-day vulnerability. Google has released emergency security updates to address a high-severity zero-day vulnerability vulnerability, tracked as CVE-2024-4761, in the Chrome browser. The vulnerability is an out-of-bounds write issue that resides in the V8 JavaScript engine of the Google web browser. The company confirmed […]

Pierluigi Paganini May 13, 2024

Threat actors may have exploited a zero-day in older iPhones, Apple warns

Apple rolled out urgent security updates to address code execution vulnerabilities in iPhones, iPads, and macOS. Apple released urgent security updates to address multiple vulnerabilities in iPhones, iPads, macOS. The company also warns of a vulnerability patched in March that the company believes may have been exploited as a zero-day. The issue impacts older iPhone […]

Pierluigi Paganini May 13, 2024

Russian hackers defaced local British news sites

A group of hackers that defines itself as “first-class Russian hackers” claims the defacement of hundreds of local and regional British newspaper websites. A group claiming to be “first-class Russian hackers” defaced numerous local and regional British newspaper websites owned by Newsquest Media Group. The group defaced the home pages of the targeted websites and […]

Pierluigi Paganini May 10, 2024

Google fixes fifth actively exploited Chrome zero-day this year

Since the start of the year, Google released an update to fix the fifth actively exploited zero-day vulnerability in the Chrome browser. Google this week released security updates to address a zero-day flaw, tracked as CVE-2024-4671, in Chrome browser. The vulnerability is the fifth zero-day flaw in the Google browser that is exploited in the […]

Pierluigi Paganini May 10, 2024

Russia-linked APT28 targets government Polish institutions

CERT Polska warns of a large-scale malware campaign against Polish government institutions conducted by Russia-linked APT28. CERT Polska and CSIRT MON teams issued a warning about a large-scale malware campaign targeting Polish government institutions, allegedly orchestrated by the Russia-linked APT28 group. The attribution of the attacks to the Russian APT is based on similarities with […]

Pierluigi Paganini May 10, 2024

Citrix warns customers to update PuTTY version installed on their XenCenter system manually

Citrix urges customers to manually address a PuTTY SSH client flaw that could allow attackers to steal a XenCenter admin’s private SSH key. Versions of XenCenter for Citrix Hypervisor 8.2 CU1 LTSR used PuTTY, a third-party component, for SSH connections to guest VMs. However, PuTTY inclusion was deprecated with XenCenter version 8.2.6, and any versions […]

Pierluigi Paganini May 09, 2024

Experts warn of two BIG-IP Next Central Manager flaws that allow device takeover

Two high-severity vulnerabilities in BIG-IP Next Central Manager can be exploited to gain admin control and create hidden accounts on any managed assets. F5 has addressed two high-severity vulnerabilities, respectively tracked as CVE-2024-26026 and CVE-2024-21793, in BIG-IP Next Central Manager that can lead to device takeover. BIG-IP Next Central Manager (NCM) is a centralized management […]

Security

Adobe fixed multiple critical flaws in Acrobat and Reader

Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days

MITRE released EMB3D Threat Model for embedded devices

Google fixes sixth actively exploited Chrome zero-day this year

Threat actors may have exploited a zero-day in older iPhones, Apple warns

Russian hackers defaced local British news sites

Google fixes fifth actively exploited Chrome zero-day this year

Russia-linked APT28 targets government Polish institutions

Citrix warns customers to update PuTTY version installed on their XenCenter system manually

Experts warn of two BIG-IP Next Central Manager flaws that allow device takeover

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Hunters International ransomware gang shuts down and offers free decryption keys to all victims

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 52

Security Affairs newsletter Round 531 by Pierluigi Paganini – INTERNATIONAL EDITION

North Korea-linked threat actors spread macOS NimDoor malware via fake Zoom updates

Critical Sudo bugs expose major Linux distros to local Root exploits

QUICK LINKS

Security

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!