Security News

Critical Fortra FileCatalyst Workflow vulnerability patched (CVE-2024-6633)

2024-08-28 08:46

Organizations using Fortra’s FileCatalyst Workflow are urged to upgrade their instances, so that attackers can’t access an internal HSQL database by exploiting known static credentials...

#critical #CVE #fortra #vulnerability #CVE-2024-6633

Versa fixes Director zero-day vulnerability exploited in attacks

2024-08-26 16:11

Versa Networks has fixed a zero-day vulnerability exploited in the wild that allows attackers to upload malicious files by exploiting an unrestricted file upload flaw in the Versa Director GUI. [...]

#attack #vulnerability #zeroday

SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access

2024-08-26 14:33

SonicWall has released security updates to address a critical flaw impacting its firewalls that, if successfully exploited, could grant malicious actors unauthorized access to the devices. The...

#critical #firewall #patch #sonicwall #vulnerability #CVE-2024-40766

Nuclei: Open-source vulnerability scanner

2024-08-26 03:21

Nuclei is a fast and customizable open-source vulnerability scanner powered by YAML-based templates. With its flexible templating system, Nuclei can be adapted to perform various security checks....

#opensource #vulnerability

CISA Urges Federal Agencies to Patch Versa Director Vulnerability by September

2024-08-24 07:03

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has placed a security flaw impacting Versa Director to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of...

#cisa #patch #vulnerability #CVE-2024-39717

Vulnerability prioritization is only the beginning

2024-08-23 04:30

To date, most technology solutions focused on vulnerability management have focused on the prioritization of risks. That usually took the shape of some risk-ranking structure displayed in a table...

#vulnerability

Hardcoded Credential Vulnerability Found in SolarWinds Web Help Desk

2024-08-22 16:35

SolarWinds has issued patches to address a new security flaw in its Web Help Desk (WHD) software that could allow remote unauthenticated users to gain unauthorized access to susceptible instances....

#credential #solarwinds #vulnerability #WEB

Microsoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive Data

2024-08-21 16:15

Cybersecurity researchers have disclosed a critical security flaw impacting Microsoft's Copilot Studio that could be exploited to access sensitive information. "An authenticated attacker can bypass Server-Side Request Forgery protection in Microsoft Copilot Studio to leak sensitive information over a network," Microsoft said in an advisory released on August 6, 2024.

#copilot #critical #microsoft #vulnerability

GiveWP WordPress Plugin Vulnerability Puts 100,000+ Websites at Risk

2024-08-21 04:35

A maximum-severity security flaw has been disclosed in the WordPress GiveWP donation and fundraising plugin that exposes more than 100,000 websites to remote code execution attacks. The flaw,...

#vulnerability #wordpress #CVE-2024-5932

Hackers Exploit PHP Vulnerability to Deploy Stealthy Msupedge Backdoor

2024-08-20 10:25

A previously undocumented backdoor named Msupedge has been put to use against a cyber attack targeting an unnamed university in Taiwan. "The most notable feature of this backdoor is that it communicates with a command-and-control server via DNS traffic," the Symantec Threat Hunter Team, part of Broadcom, said in a report shared with The Hacker News.

#backdoor #exploit #hacker #PHP #vulnerability

Security News {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Security News"}]}

Security News