Security News
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has placed a security flaw impacting Versa Director to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of...
A new Chrome zero-day vulnerability (CVE-2024-7971) exploited by attackers in the wild has been fixed by Google. About CVE-2024-7971 CVE-2024-7971 is a high-severity vulnerability caused by a type...
Unless you're cool with an unauthorized criminal enjoying admin privileges to comb through your code A critical bug in GitHub Enterprise Server could allow an attacker to gain unauthorized access...
SolarWinds has released patches to address a critical security vulnerability in its Web Help Desk software that could be exploited to execute arbitrary code on susceptible instances. The flaw,...
Microsoft warned customers this Tuesday to patch a critical TCP/IP remote code execution (RCE) vulnerability with an increased likelihood of exploitation that impacts all Windows systems with IPv6...
Today is Microsoft's August 2024 Patch Tuesday, which includes security updates for 89 flaws, including six actively exploited and three publicly disclosed zero-days. Microsoft is still working on...
The bug allows malicious software and rogue privileged users with access to the operating system kernel to run code in System Management Mode, a highly privileged execution environment present in x86 processors from Intel and AMD. SinkClose is unique to AMD. SMM sits below the kernel and hypervisor, as well as applications, in that the management mode has unrestricted access to and control of the machine. ZenHammer comes down on AMD Zen 2 and 3 systems Apple, AMD, Qualcomm GPU security hole lets miscreants snoop on AI training and chats What's going on with AMD funding a CUDA translation layer, then nuking it? AMD's latest desktop CPUs feature lower prices yet again as Intel readies a fightback.
The maintainers of the FreeBSD Project have released security updates to address a high-severity flaw in OpenSSH that attackers could potentially exploit to execute arbitrary code remotely with elevated privileges. The vulnerability, tracked as CVE-2024-7589, carries a CVSS score of 7.4 out of a maximum of 10.0, indicating high severity.
Scaling data security solutions: What you need to knowIn this Help Net Security interview, Bruno Kurtic, President and CEO at Bedrock Security, discusses the role of data visibility in enhancing cybersecurity. AI security 2024: Key insights for staying ahead of threatsIn this Help Net Security interview, Kojin Oshiba, co-founder of Robust Intelligence, discusses his journey from academic research to addressing AI security challenges in the industry.
Microsoft has disclosed a high-severity zero-day vulnerability affecting Office 2016 and later, which is still waiting for a patch. [...]