#security-vulnerabilities

[ follow ]
#cybersecurity
Information security
fromThe Hacker News
4 months ago

New Xerox Printer Flaws Could Let Attackers Capture Windows Active Directory Credentials

Xerox VersaLink printers have serious security vulnerabilities that can lead to credential theft.
The vulnerabilities can allow attackers to redirect authentication information to rogue servers.
Effective exploitation of these vulnerabilities requires specific conditions, including access to MFP configuration and user address books.
Information security
fromTheregister
3 months ago

CISA warns of new malware targeting Ivanti flaw

Ivanti products face a new malware threat called Resurge, exploiting a critical vulnerability. Immediate action is required to protect systems.
Information security
fromThe Hacker News
8 months ago

Researchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol Libraries

Multiple vulnerabilities in MMS protocol can severely impact industrial environments, allowing potential crashes and remote code execution.
Information security
fromThe Hacker News
4 months ago

New Xerox Printer Flaws Could Let Attackers Capture Windows Active Directory Credentials

Xerox VersaLink printers have serious security vulnerabilities that can lead to credential theft.
The vulnerabilities can allow attackers to redirect authentication information to rogue servers.
Effective exploitation of these vulnerabilities requires specific conditions, including access to MFP configuration and user address books.
Information security
fromTheregister
3 months ago

CISA warns of new malware targeting Ivanti flaw

Ivanti products face a new malware threat called Resurge, exploiting a critical vulnerability. Immediate action is required to protect systems.
Information security
fromThe Hacker News
8 months ago

Researchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol Libraries

Multiple vulnerabilities in MMS protocol can severely impact industrial environments, allowing potential crashes and remote code execution.
more#cybersecurity
fromTheregister
3 weeks ago

Sitecore fixes pre-auth RCE exploits in enterprise CMS

This is sadly not a joke. The hardcoded password 'b' is a significant vulnerability that poses a risk across multiple organizations using Sitecore.
Privacy technologies
#linux
fromITPro
3 months ago
Privacy technologies

Qualys discovers three bypasses of Ubuntu's unprivileged user namespace restrictions

fromITPro
3 months ago
Privacy technologies

Qualys discovers three bypasses of Ubuntu's unprivileged user namespace restrictions

more#linux
fromThe Cyber Express
1 month ago

Multer Vulnerabilities Expose Node.js Apps To DoS Attacks

The high-severity vulnerabilities in Multer allow attackers to cause a Denial of Service (DoS) by sending malformed multi-part upload requests, crashing Node.js applications.
Node JS
Tech industry
fromTheregister
1 month ago

Intel data-leaking Spectre defenses scared off once again

ETH Zurich researchers developed a method to bypass Intel's protections against Spectre vulnerabilities, highlighting ongoing security concerns.
fromInfoQ
2 months ago

Spring News Roundup: RCs of Spring Boot, Data, Security, Auth, Session, Integration, Web Services

The first release candidate of Spring Boot 3.5.0 introduces significant bug fixes, dependency upgrades, and new annotations to enhance servlet and filter registration.
Web frameworks
#data-protection
Information security
fromDevOps.com
5 months ago

The State of Application Risk: Key Findings Reveal Widespread Security Vulnerabilities - DevOps.com

Enterprise software development environments are critically vulnerable, as all organizations face high security risks.
Traditional application security approaches are ineffective against modern threats, leaving organizations exposed.
Information security
fromDevOps.com
5 months ago

The State of Application Risk: Key Findings Reveal Widespread Security Vulnerabilities - DevOps.com

Enterprise software development environments are critically vulnerable, as all organizations face high security risks.
Traditional application security approaches are ineffective against modern threats, leaving organizations exposed.
more#data-protection
London startup
fromDeveloper Tech News
3 months ago

Security flaws hit PyTorch Lightning deep learning framework

PyTorch Lightning has critical security flaws due to deserialisation vulnerabilities, potentially allowing arbitrary code execution from untrusted model files.
Gadgets
fromwww.theguardian.com
3 months ago

Hyundai facing legal action over car that can be stolen effortlessly in seconds'

Hyundai is facing lawsuits for not warning customers about easy thefts of its electric cars.
Roam Research
fromSecuritymagazine
3 months ago

27,000 records in Australian fintech database were exposed

An exposed Amazon S3 database for Vroom by YouX contained sensitive records, highlighting severe security risks associated with unprotected data.
#kubernetes
more#kubernetes
Privacy technologies
fromTechRepublic
3 months ago

Billions of Devices at Risk of Hacking Due to Hidden Commands

Undocumented commands in the ESP32 Bluetooth chip pose serious security risks, enabling potential impersonation and memory manipulation.
Web development
fromSmashing Magazine
4 months ago

How OWASP Helps You Secure Your Full-Stack Web Applications - Smashing Magazine

The OWASP vulnerabilities list is essential for web developers to establish security measures against common threats.
fromTheregister
6 months ago

MediaTek says 'Happy New Year' with critical RCE, other bugs

MediaTek disclosed a critical remote code execution vulnerability affecting 51 chipsets, which could lead to serious security risks if exploited.
Information security
Information security
fromTechCrunch
8 months ago

Socket lands a fresh $40M to scan software for security flaws | TechCrunch

The software supply chain is currently at high risk, particularly with outdated open-source components leading to security vulnerabilities.
[ Load more ]