FreshRSS

πŸ”’
❌ Secure Planet Training Courses Updated For 2019 - Click Here
☷
β–³ πŸ”ƒ
There are new available articles, click to refresh the page.
☐ β˜† βœ‡ The Hacker News

SLAM Attack: New Spectre-based Vulnerability Impacts Intel, AMD, and Arm CPUs

By: Newsroom β€” December 9th 2023 at 11:52
Researchers from the Vrije Universiteit Amsterdam have disclosed a new side-channel attack called SLAM that could be exploited to leak sensitive information from kernel memory on current and upcoming CPUs from Intel, AMD, and Arm. The attack is an end-to-end exploit for Spectre based on a new feature in Intel CPUs called Linear Address Masking (LAM) as well as its analogous
☐ β˜† βœ‡ The Hacker News

Ransomware Attacks Double: Are Companies Prepared for 2024's Cyber Threats?

By: The Hacker News β€” October 13th 2023 at 11:07
Ransomware attacks have only increased in sophistication and capabilities over the past year. From new evasion and anti-analysis techniques to stealthier variants coded in new languages, ransomware groups have adapted their tactics to effectively bypass common defense strategies.Β  Cyble, a renowned cyber threat intelligence company recognized for its research and findings, recently released itsΒ 
☐ β˜† βœ‡ The Hacker News

CISA Warns of Actively Exploited Adobe Acrobat Reader Vulnerability

By: Newsroom β€” October 11th 2023 at 12:26
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on TuesdayΒ addedΒ a high-severity flaw in Adobe Acrobat Reader to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked asΒ CVE-2023-21608Β (CVSS score: 7.8), the vulnerability has been described as a use-after-free bug that can be exploited to achieve remote code execution (RCE) with the
☐ β˜† βœ‡ The Hacker News

Critical Adobe ColdFusion Flaw Added to CISA's Exploited Vulnerability Catalog

By: THN β€” August 22nd 2023 at 03:36
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) hasΒ addedΒ a critical security flaw in Adobe ColdFusion to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability, cataloged asΒ CVE-2023-26359Β (CVSS score: 9.8), relates to a deserialization flaw present in Adobe ColdFusion 2018 (Update 15 and earlier) and ColdFusion 2021 (
☐ β˜† βœ‡ The Hacker News

CISA Adds Citrix ShareFile Flaw to KEV Catalog Due to In-the-Wild Attacks

By: THN β€” August 17th 2023 at 05:10
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw in Citrix ShareFile storage zones controller to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active in-the-wild exploitation. Tracked asΒ CVE-2023-24489Β (CVSS score: 9.8), the shortcoming has been described as an improper access control bug that, if successfully exploited
☐ β˜† βœ‡ The Hacker News

CISA Adds Microsoft .NET Vulnerability to KEV Catalog Due to Active Exploitation

By: THN β€” August 11th 2023 at 03:38
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) hasΒ addedΒ a recently patched security flaw in Microsoft's .NET and Visual Studio products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked asΒ CVE-2023-38180Β (CVSS score: 7.5), the high-severity flaw relates to a case denial-of-service (DoS) impacting .NET and Visual Studio. It
☐ β˜† βœ‡ The Hacker News

U.S. Cybersecurity Agency Adds 6 Flaws to Known Exploited Vulnerabilities Catalog

By: Ravie Lakshmanan β€” June 24th 2023 at 15:30
The U.S. Cybersecurity and Infrastructure Security Agency hasΒ addedΒ a batch of six flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. This comprises three vulnerabilities that Apple patched this week (CVE-2023-32434, CVE-2023-32435, and CVE-2023-32439), two flaws in VMware (CVE-2023-20867Β andΒ CVE-2023-20887), and one shortcoming impacting Zyxel
❌