Security News

New Research Reveals Spectre Vulnerability Persists in Latest AMD and Intel Processors
2024-10-29 05:53

More than six years after the Spectre security flaw impacting modern CPU processors came to light, new research has found that the latest AMD and Intel processors are still susceptible to...

Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel
2024-10-28 05:29

A new attack technique could be used to bypass Microsoft's Driver Signature Enforcement (DSE) on fully patched Windows systems, leading to operating system (OS) downgrade attacks. "This bypass...

AWS Cloud Development Kit Vulnerability Exposes Users to Potential Account Takeover Risks
2024-10-24 13:00

Cybersecurity researchers have disclosed a security flaw impacting Amazon Web Services (AWS) Cloud Development Kit (CDK) that could have resulted in an account takeover under specific...

Cisco Issues Urgent Fix for ASA and FTD Software Vulnerability Under Active Attack
2024-10-24 12:41

Cisco on Wednesday said it has released updates to address an actively exploited security flaw in its Adaptive Security Appliance (ASA) that could lead to a denial-of-service (DoS) condition. The...

Lazarus Group Exploits Google Chrome Vulnerability to Control Infected Devices
2024-10-24 09:53

The North Korean threat actor known as Lazarus Group has been attributed to the zero-day exploitation of a now-patched security flaw in Google Chrome to seize control of infected devices....

Fortinet Warns of Critical Vulnerability in FortiManager Under Active Exploitation
2024-10-24 06:23

Fortinet has confirmed details of a critical security flaw impacting FortiManager that has come under active exploitation in the wild. Tracked as CVE-2024-47575 (CVSS score: 9.8), the...

FortiManager critical vulnerability under active attack
2024-10-23 22:47

Security shop and CISA urge rapid action Updated Fortinet has gone public with news of a critical flaw in its software management platform.…

CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094)
2024-10-23 12:54

A high-severity flaw impacting Microsoft SharePoint has been added to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) on...

VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability
2024-10-22 07:03

VMware has released software updates to address an already patched security flaw in vCenter Server that could pave the way for remote code execution. The vulnerability, tracked as CVE-2024-38812...

CISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day Attack
2024-10-22 04:47

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting ScienceLogic SL1 to its Known Exploited Vulnerabilities (KEV) catalog, following...