Security News

Cybertech Europe 2023 video walkthroughIn this Help Net Security video, we take you inside Cybertech Europe 2023 at La Nuvola Convention Center in Rome. Tackling cyber risks head-on using security questionnairesIn this Help Net Security interview, Gaspard de Lacroix-Vaubois, CEO at Skypher, talks about the implementation of security questionnaires and how they facilitate assessments and accountability across all participants in the technology supply chain, fostering trust and safeguarding sensitive data.

The November Patch Tuesday cumulative update will include the Moment 4 features and updates. This patch Tuesday will include the last updates for Windows 11 21H2 and Microsoft Server 2012/2012 R2. The later go into Extended Security Support starting with a November release, and Microsoft also announced the keys used to enable these updates will be managed as part of Azure Arc.

Cisco has released updates to address a critical security flaw impacting Emergency Responder that allows unauthenticated, remote attackers to sign into susceptible systems using hard-coded...

Atlassian has released fixes to contain an actively exploited critical zero-day flaw impacting publicly accessible Confluence Data Center and Server instances. The vulnerability, tracked as...

Atlassian today said miscreants have exploited a critical bug in on-premises instances of Confluence Server and Confluence Data Center to create and abuse admin accounts within the enterprise colab software. "Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances," according to a Wednesday advisory from the software giant.

Chipmaker Qualcomm has released security updates to address 17 vulnerabilities in various components, while warning that three other zero-days have come under active exploitation. Of the 17 flaws,...

Arm has released security patches to contain a security flaw in the Mali GPU Kernel Driver that has come under active exploitation in the wild. Tracked as CVE-2023-4211, the shortcoming impacts...

Google on Wednesday rolled out fixes to address a new actively exploited zero-day in the Chrome browser. Tracked as CVE-2023-5217, the high-severity vulnerability has been described as a...

GitLab has fixed a critical vulnerability in the Enterprise Edition and Community Edition of its widely used DevOps platform. "Scan execution policy allows configuring built-in scanners for GitLab projects, such as static analysis and vulnerability scanning. These scanners are running in dedicated pipelines with a predefined set of permissions," Alex Ilgayev, head of security research at Cycode told Help Net Security.

Apple has released yet another round of security patches to address three actively exploited zero-day flaws impacting iOS, iPadOS, macOS, watchOS, and Safari, taking the total tally of zero-day...