Security
Headlines
HeadlinesLatestCVEs

Tag

#sap

Citrix, VMware, and Atlassian Hit with Critical Flaws — Patch ASAP!

Citrix is warning of two zero-day security vulnerabilities in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) that are being actively exploited in the wild. The flaws are listed below - CVE-2023-6548 (CVSS score: 5.5) - Authenticated (low privileged) remote code execution on Management Interface (requires access to NSIP, CLIP, or SNIP with management

The Hacker News
Open in Source
#vulnerability#web#dos#rce#vmware#auth#zero_day#sap#The Hacker News
A true tale of virtual kidnapping: Lock and Code S05E02

This week on the Lock and Code podcast, we tell the true story of a virtual kidnapping scam from December of last year.

A true tale of virtual kidnapping: Lock and Code S05E02

This week on the Lock and Code podcast, we tell the true story of a virtual kidnapping scam from December of last year.

3 Ransomware Group Newcomers to Watch in 2024

The ransomware industry surged in 2023 as it saw an alarming 55.5% increase in victims worldwide, reaching a staggering 4,368 cases.  Figure 1: Year over year victims per quarter The rollercoaster ride from explosive growth in 2021 to a momentary dip in 2022 was just a teaser—2023 roared back with the same fervor as 2021, propelling existing groups and ushering in a wave of formidable

Urgent: GitLab Releases Patch for Critical Vulnerabilities - Update ASAP

GitLab has released security updates to address two critical vulnerabilities, including one that could be exploited to take over accounts without requiring any user interaction. Tracked as CVE-2023-7028, the flaw has been awarded the maximum severity of 10.0 on the CVSS scoring system and could facilitate account takeover by sending password reset emails to an unverified email address. The

Child Abusers Are Getting Better at Using Crypto to Cover Their Tracks

Crypto tracing firm Chainalysis found that sellers of child sexual abuse materials are successfully using “mixers” and “privacy coins” like Monero to launder their profits and evade law enforcement.

Patch now! First patch Tuesday of 2024 is here

Microsoft's patch Tuesday roundup looks like a relatively quiet one. Unless your organization uses FBX files.

Microsoft's January 2024 Windows Update Patches 48 New Vulnerabilities

Microsoft has addressed a total of 48 security flaws spanning its software as part of its Patch Tuesday updates for January 2024. Of the 48 bugs, two are rated Critical and 46 are rated Important in severity. There is no evidence that any of the issues are publicly known or under active attack at the time of release, making it the second consecutive Patch Tuesday with no zero-days. The

23andMe Blames Users for Recent Data Breach as It's Hit With Dozens of Lawsuits

Plus: Russia hacks surveillance cameras as new details emerge of its attack on a Ukrainian telecom, a Google contractor pays for videos of kids to train AI, and more.

Microsoft disables ms-appinstaller after malicious use

Microsoft decided to disable App Installer links by default after it noticed several access brokers using the handler to spread malware.