Security News

57% of respondents stated that remote work has increased the complexity and scale of patch management. A patch for the vulnerability exploited by the ransomware had existed for several months before the initial attack, yet many organizations failed to implement it.

Apache Software Foundation has released HTTP Web Server 2.4.51 after researchers discovered that a previous security update didn't correctly fix an actively exploited vulnerability. On Tuesday, Apache released Apache HTTP 2.4.50 to fix an actively exploited path traversal vulnerability in version 2.4.49.

Apache has issued patches to address two security vulnerabilities, including a path traversal and file disclosure flaw in its HTTP server that it said is being actively exploited in the wild. "A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the expected document root," the open-source project maintainers noted in an advisory published Tuesday.

The venerable Apache web server has just been updated to fix a dangerous remote code execution bug. This bug is already both widely-known and trivial to exploit, with examples now circulating freely on Twitter, and a single, innocent-looking web request aimed at your server could be enough for an attacker to take it over completely.

The Apache Software Foundation has hurried out a patch to address a pair of HTTP Web Server vulnerabilities, at least one of which is already being actively exploited. Apache's HTTP Server is widely used, and the vulnerabilities, CVE-2021-41524 and CVE-2021-41773, aren't great.

Unless you want to leak like a sieve The Apache Software Foundation has hurried out a patch to address a pair of HTTP Web Server vulnerabilities, at least one of which is already being actively exploited.…

The Apache Software Foundation has released version 2.4.50 of the HTTP Web Server to address two vulnerabilities, one of which is an actively exploited path traversal and file disclosure flaw.The Apache HTTP Server is an open-source, cross-platform web server that is extremely popular for being versatile, robust, and free.

The Apache Software Foundation has released version 2.4.50 of the HTTP Web Server to address two vulnerabilities, one of which is an actively exploited path traversal and file disclosure flaw. The Apache HTTP Server is an open-source, cross-platform web server that is extremely popular for being versatile, robust, and free.

Google has released the Android October security updates, addressing 41 vulnerabilities, all ranging between high and critical severity. On the 5th of each month, Google releases the complete security patch for the Android OS which contains both the framework and the vendor fixes for that month.

Google on Thursday pushed urgent security fixes for its Chrome browser, including a pair of new security weaknesses that the company said are being exploited in the wild, making them the fourth and fifth actively zero-days plugged this month alone. As is usually the case, the tech giant has refrained from sharing any additional details regarding how these zero-day vulnerabilities were used in attacks until a majority of users are updated with the patches, but noted that it's aware that "Exploits for CVE-2021-37975 and CVE-2021-37976 exist in the wild."