Channel: do son, Author at Cybersecurity News
Browsing all 1971 articles

CVE-2024-1724: Snap Sandbox Escape Vulnerability Threatens Linux Systems

In a recent security disclosure, security researcher McPhail has identified a critical vulnerability in Snap, a popular package manager for Ubuntu and other Linux distributions. The vulnerability,...



Linux Flaw: CVE-2024-1085 PoC Exploit Exposes Privilege Escalation Risk

A security researcher has published proof-of-concept (PoC) exploit code targeting the high-severity CVE-2024-1085 vulnerability in the Linux kernel. The vulnerability, residing in the Netfilter...



Multiple Vulnerabilities in Apache HTTP Server Demand Immediate Action

The Apache Software Foundation has issued an urgent security advisory, disclosing multiple vulnerabilities in its widely used Apache HTTP Server. These flaws range from denial-of-service (DoS) attacks...


Android’s July 2024 Security Patches Fix Critical Vulnerability

On Monday, Google released the July 2024 security patches for the Android operating system, which address several critical vulnerabilities, including one affecting the Framework component. A total of...


CVE-2024-6172: Critical Flaw in Icegram Express Plugin Threatens 90,000+...

A severe vulnerability has been discovered in Icegram Express, a widely used WordPress plugin for email marketing and newsletters. The flaw, designated CVE-2024-6172, has been assigned a near-maximum...



ProxyLogon & ProxyShell Vulnerabilities Back: Gov’t Emails Breached

Nearly three years after the notorious ProxyLogon and ProxyShell vulnerabilities caused widespread havoc on Microsoft Exchange servers, these vulnerabilities have resurfaced with new targets. The Hunt...


CVE-2024-36401 (CVSS 9.8): Urgent Patch Needed for GeoServer RCE Vulnerability

A severe security flaw, CVE-2024-36401 (CVSS 9.8), has been discovered in GeoServer, a widely-used open-source software platform for managing and sharing geospatial data. This vulnerability could...


CVE-2024-21586: Juniper SRX Vulnerability Leaves Networks Open to Attack

Juniper Networks, a leading provider of networking solutions, has issued a critical security advisory warning users of a high-severity vulnerability affecting their SRX Series firewalls. This...



Unpatched Gogs Vulnerabilities: A Ticking Time Bomb for Source Code

SonarSource, a leading code security firm, has uncovered four unpatched vulnerabilities in Gogs, a popular open-source self-hosted Git service. With over 44,000 stars on GitHub and more than 90 million...



The Hidden Danger of PDF Files with Embedded QR Codes, Researchers Warn

SonicWall Capture Labs, the threat research arm of cybersecurity firm SonicWall, has issued a warning regarding a new phishing technique exploiting the widespread use of QR codes. The team has observed...


CVE-2024-37726: MSI Center Flaw Exposes Windows Systems to Privilege...

Recently, a critical local privilege escalation vulnerability has been identified in MSI Center, a popular system management application for Windows OS. Tracked as CVE-2024-37726, this vulnerability...


Urgent Security Alert: HFS Servers Under Attack, Patch Now!

The AhnLab Security Intelligence Center (ASEC) has issued a critical warning for all users of HTTP File Server (HFS): a recently disclosed remote code execution vulnerability (CVE-2024-23692) is...


SnailLoad (CVE-2024-39920): New Side-Channel Attack Exposes Your Web Activity

Security researchers from Graz University of Technology have unveiled a novel cybersecurity threat dubbed “SnailLoad” (CVE-2024-39920). This side-channel attack exploits a vulnerability in the...



Mallox Ransomware Goes Cross-Platform: New Linux Variant Discovered,...

The notorious Mallox ransomware gang, known for their aggressive multi-extortion tactics, has expanded their arsenal with a new Linux variant. This marks a significant shift for the group, which...


CVE-2024-32498: Critical OpenStack Flaw Exposes Cloud Data to Attackers

The OpenStack Foundation has issued an urgent security advisory, disclosing a critical vulnerability (CVE-2024-32498, CVSS 8.8) affecting multiple core components of its cloud infrastructure platform....



Mekotio Banking Trojan Resurges, Targeting Latin American Financial Systems

A new wave of cyberattacks utilizing the sophisticated Mekotio banking trojan is raising alarms across Latin America, according to a recent report by Trend Micro Research. The malware, active since...


Logsign Unified SecOps Platform Urgent Update Addresses Critical RCE...

Two critical vulnerabilities have been identified in the Logsign Unified SecOps Platform, a comprehensive software solution for security operations. These vulnerabilities, CVE-2024-5716 and...



Unit 42 Research Exposes GootLoader’s Sophisticated Sandbox Evasion Tactics

Palo Alto Networks’ Unit 42 threat intelligence team has published a comprehensive analysis detailing the advanced evasion techniques employed by GootLoader, a pervasive malware known for its role in...


CVE-2024-38513 (CVSS 9.8): Critical Security Flaw in Popular Go Web...

A high-severity vulnerability (CVE-2024-38513) has been discovered in Fiber, a widely-used web framework for the Go programming language. This flaw allows attackers to hijack user sessions, potentially...


Widespread Supply Chain Attack on NPM: Trojanized jQuery Discovered

A sophisticated and persistent supply chain attack targeting the popular JavaScript library jQuery has been uncovered by cybersecurity researchers at Phylum. The attack, which has been active since...
