• Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
MUST READ

Coyote malware is first-ever malware abusing Windows UI Automation

 | 

SonicWall fixed critical flaw in SMA 100 devices exploited in Overstep malware attacks

 | 

DSPM & AI Are Booming: $17.87B and $4.8T Markets by 2033

 | 

Stealth backdoor found in WordPress mu-Plugins folder

 | 

U.S. CISA adds CrushFTP, Google Chromium, and SysAid flaws to its Known Exploited Vulnerabilities catalog

 | 

U.S. CISA urges FCEB agencies to fix two Microsoft SharePoint flaws immediately and added them to its Known Exploited Vulnerabilities catalog

 | 

Sophos fixed two critical Sophos Firewall vulnerabilities

 | 

French Authorities confirm XSS.is admin arrested in Ukraine

 | 

Microsoft linked attacks on SharePoint flaws to China-nexus actors

 | 

Cisco confirms active exploitation of ISE and ISE-PIC flaws

 | 

SharePoint under fire: new ToolShell attacks target enterprises

 | 

CrushFTP zero-day actively exploited at least since July 18

 | 

Hardcoded credentials found in HPE Aruba Instant On Wi-Fi devices

 | 

MuddyWater deploys new DCHSpy variants amid Iran-Israel conflict

 | 

U.S. CISA urges to immediately patch Microsoft SharePoint flaw adding it to its Known Exploited Vulnerabilities catalog

 | 

Microsoft issues emergency patches for SharePoint zero-days exploited in "ToolShell" attacks

 | 

SharePoint zero-day CVE-2025-53770 actively exploited in the wild

 | 

Singapore warns China-linked group UNC3886 targets its critical infrastructure

 | 

U.S. CISA adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 54

 | 
  • Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me

DOS

Pierluigi Paganini February 23, 2021
IBM addressed flaws in Java Runtime, Planning Analytics Workspace, Kenexa LMS

IBM has released security patches to address high- and medium-severity vulnerabilities impacting some of its enterprise solutions.  IBM has released security updates to address several high- and medium-severity flaws affecting some of its enterprise products, including IBM Java Runtime, IBM Planning Analytics Workspace, and IBM Kenexa LMS On Premise.  Two issues, tracked as CVE-2020-14782 and […]

Pierluigi Paganini January 14, 2021
Expert discovered a DoS vulnerability in F5 BIG-IP systems

A security researcher discovered a flaw in the F5 BIG-IP product that can be exploited to conduct denial-of-service (DoS) attacks. The security expert Nikita Abramov from Positive Technologies discovered a DoS vulnerability, tracked as CVE-2020-27716, that affects certain versions of F5 BIG-IP Access Policy Manager (APM). The F5 BIG-IP Access Policy Manager is a secure, flexible, […]

Pierluigi Paganini January 13, 2021
Microsoft Patch Tuesday for January 2021 fixes 83 flaws, including an actively exploited issue

Microsoft Patch Tuesday security updates for January 2021 address 83 vulnerabilities, including a critical flaw actively exploited in the wild. Microsoft Patch Tuesday security updates for January 2021 fix 83 security vulnerabilities in multiple products, including Microsoft Windows, Edge (EdgeHTML-based), ChakraCore, Office and Microsoft Office Services and Web Apps, Visual Studio, Microsoft Malware Protection Engine, […]

Pierluigi Paganini January 07, 2021
Multiple flaws in Fortinet FortiWeb WAF could allow corporate networks to hack

An expert found multiple serious vulnerabilities in Fortinet’s FortiWeb web application firewall (WAF) that could expose corporate networks to hack. Andrey Medov, a security researcher at Positive Technologies, found multiple serious vulnerabilities in Fortinet’s FortiWeb web application firewall (WAF) that could be exploited by attackers to hack into corporate networks. The flaws, tracked as CVE-2020-29015, CVE-2020-29016, CVE-2020-29018, and […]

Pierluigi Paganini December 08, 2020
OpenSSL is affected by a ‘High Severity’ security flaw, update it now

The OpenSSL Project disclosed a serious security vulnerability in TLS/SSL toolkit that exposes users to denial-of-service (DoS) attacks. The OpenSSL Project warned of a ‘high-severity’ security vulnerability in the TLS/SSL toolkit that exposes users to denial-of-service (DoS) attacks. The flaw is a null pointer dereference, successful exploitation could trigger denial-of-service conditions. The vulnerability was reported […]

Pierluigi Paganini October 14, 2020
Talos experts disclosed unpatched DoS flaws in Allen-Bradley adapter

Cisco Talos found several remotely exploitable denial-of-service (DoS) vulnerabilities in a Rockwell Automation industrial automation product. A researcher from Cisco Talos released technical details of several remotely exploitable denial-of-service (DoS) vulnerabilities in an industrial automation product made by Rockwell Automation. The product affected by the flaw is the Allen-Bradley 1794-AENT Flex I/O series B adapter, […]

Pierluigi Paganini September 12, 2020
INVDoS, a severe DoS issue in Bitcoin core remained undisclosed for two years

The INVDoS (Bitcoin Inventory Out-of-Memory Denial-of-Service)Attack would have allowed hackers to crash Bitcoin nodes and alternative chains. Two years ago, the Bitcoin protocol engineer Braydon Fuller. discovered a major uncontrolled memory resource consumption denial-of-service vulnerability (INVDoS), tracked as CVE-2018-17145, that affected the peer-to-peer network code of three implementations of Bitcoin and other blockchains, including Litecoin, Namecoin, […]

Pierluigi Paganini September 10, 2020
Palo Alto Networks fixes severe Code Execution and DoS flaws in PAN-OS

Palo Alto Networks addressed critical and high-severity denial-of-service (DoS) and arbitrary code execution vulnerabilities in its PAN-OS firewall software. Palo Alto Networks has released security updates to patch critical and high-severity denial-of-service (DoS) and arbitrary code execution vulnerabilities in its PAN-OS firewall software. The most severe flaw is a buffer overflow issue can be exploited […]

Pierluigi Paganini August 31, 2020
Hackers are trying to exploit DoS flaw in Cisco IOS XR software running in carrier-grade routers

Cisco warns that threat actors are attempting to exploit a high severity DoS flaw in its Cisco IOS XR software that runs on carrier-grade routers. Cisco warned over the weekend that attackers are trying to exploit a high severity memory exhaustion denial-of-service (DoS) vulnerability (CVE-2020-3566) affecting the Cisco IOS XR Network OS that runs on carrier-grade routers. Cisco IOS XR […]

Pierluigi Paganini August 25, 2020
Google Project Zero expert found 3 flaws in Apache Web Server

Administrators of servers running Apache have to update their installs immediately to fix multiple vulnerabilities disclosed by a Google researcher. Apache Foundation released the 2.4.46 version to address three flaws affecting its web server software that could be potentially exploited by attackers, under specific conditions, to execute arbitrary code or to trigger a DoS condition […]

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • ...
  • 10
  • 11
  • 12

newsletter

Subscribe to my email list and stay
up-to-date!

    recent articles

    Coyote malware is first-ever malware abusing Windows UI Automation

    Malware / July 24, 2025

    SonicWall fixed critical flaw in SMA 100 devices exploited in Overstep malware attacks

    Security / July 24, 2025

    DSPM & AI Are Booming: $17.87B and $4.8T Markets by 2033

    Security / July 24, 2025

    Stealth backdoor found in WordPress mu-Plugins folder

    Malware / July 24, 2025

    U.S. CISA adds CrushFTP, Google Chromium, and SysAid flaws to its Known Exploited Vulnerabilities catalog

    Hacking / July 24, 2025

    To contact me write an email to:

    Pierluigi Paganini :
    pierluigi.paganini@securityaffairs.co

    LEARN MORE

    QUICK LINKS

    • Home
    • Cyber Crime
    • Cyber warfare
    • APT
    • Data Breach
    • Deep Web
    • Digital ID
    • Hacking
    • Hacktivism
    • Intelligence
    • Internet of Things
    • Laws and regulations
    • Malware
    • Mobile
    • Reports
    • Security
    • Social Networks
    • Terrorism
    • ICS-SCADA
    • POLICIES
    • Contact me

    Copyright@securityaffairs 2024

    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
    Cookie SettingsAccept All
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities...
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
    Non-necessary
    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
    SAVE & ACCEPT