Penetration Testing

MAY 10, 2024

SolarWinds, a leading provider of IT management software, has taken swift action to address critical vulnerabilities in its Access Rights Manager (ARM) solution, patching two major flaws that could expose sensitive data and grant... The post Hard-Coded Credentials (CVE-2024-23473), RCE (CVE-2024-28075) Flaws Patched in SolarWinds ARM appeared (..)

Penetration Testing 98

Penetration Testing Software 98

Penetration Testing

APRIL 3, 2024

Google has revealed in their April 2024 Pixel Update Bulletin that several serious security flaws could be putting your Pixel device at risk.

Penetration Testing 135

Penetration Testing Risk 135

Penetration Testing

MAY 9, 2024

The flaw, designated CVE-2024-4671, is a “use after free” bug located... The post Google Rushes to Patch Chrome Zero-Day Exploit: CVE-2024-4671 appeared first on Penetration Testing.

Penetration Testing 134

Penetration Testing 134

Penetration Testing

FEBRUARY 28, 2024

Two critical vulnerabilities (CVE-2024-25065, CVE-2024-23946) have been discovered that put a wide range of businesses at risk. Decoding the Vulnerabilities... The post CVE-2024-25065 & CVE-2024-23946: Critical Vulnerabilities Exposed in Apache OFBiz appeared first on Penetration Testing.

Penetration Testing 137

Penetration Testing Risk 137

Security Affairs

APRIL 25, 2024

Google addressed a critical Chrome vulnerability, tracked as CVE-2024-4058, that resides in the ANGLE graphics layer engine. Google addressed four vulnerabilities in the Chrome web browser, including a critical vulnerability tracked as CVE-2024-4058. The IT giant also fixed a high-severity flaw tracked as CVE-2024-4059.

Engineering 123

Engineering Hacking Information Security 123

Security Boulevard

MAY 4, 2024

The RSA Conference 2024 will kick off on May 6. Introduction to Reality Defender Reality Defender, established in 2021, is a startup specializing in detecting deepfakes and […] The post RSAC 2024 Innovation Sandbox | Reality Defender: Deepfake Detection Platform appeared first on NSFOCUS, Inc.,

Cyber Attacks 121

Cyber Attacks Cybersecurity 121

Penetration Testing

APRIL 27, 2024

Security researcher Gabe Kirkpatrick has released proof-of-concept (PoC) exploit code for CVE-2024-21345, a high-severity Windows Kernel Elevation of Privilege vulnerability.

Penetration Testing 145

Penetration Testing Authentication 145

Penetration Testing

MAY 3, 2024

The vulnerability, tracked as CVE-2024-4439 and rated... The post CVE-2024-4439: Unauthenticated Stored Cross-Site Scripting Vulnerability in WordPress Core appeared first on Penetration Testing.

Penetration Testing 143

Penetration Testing 143

Penetration Testing

APRIL 28, 2024

Cybersecurity researcher Gabe Kirkpatrick shared technical details and proof-of-concept (PoC) exploit code for a high-severity elevation of privilege vulnerability (CVE-2024-26218) bug affecting the Windows Kernel.

Penetration Testing 144

Penetration Testing Cybersecurity 144

Penetration Testing

APRIL 22, 2024

Security researcher Naor Hodorov has made public a proof-of-concept (PoC) exploit for a severe vulnerability (CVE-2024-21111) in Oracle VirtualBox. This vulnerability plagues VirtualBox versions before 7.0.16

Penetration Testing 145

Penetration Testing 145

Penetration Testing

MAY 9, 2024

However, recent discoveries... The post CVE-2024-34350 & CVE-2024-34351: Two Vulnerabilities Patched in Popular Next.js Framework appeared first on Penetration Testing.

Penetration Testing 77

Penetration Testing 77

Penetration Testing

MAY 8, 2024

These flaws, identified in the Go environment, could potentially allow... The post CVE-2024-24787 (CVSS 9.8): Go Vulnerability Could Lead to Code Execution appeared first on Penetration Testing.

Penetration Testing 145

Penetration Testing Software 145

Penetration Testing

MAY 2, 2024

The vulnerability (CVE-2024-33530) allows unauthorized individuals to gain the meeting password, potentially bypassing security... The post CVE-2024-33530: Jitsi Meet Flaw Leaks Meeting Passwords, Exposing Calls to Intruders appeared first on Penetration Testing.

Passwords 141

Passwords Penetration Testing 141

Penetration Testing

JANUARY 29, 2024

Discovered through Google’s OSS-Fuzz service, three security vulnerabilities have been identified in its systems, two of which... The post CVE-2024-22860 & CVE-2024-22862: Critical FFmpeg Remote Code Execution Flaws appeared first on Penetration Testing.

Penetration Testing 141

Penetration Testing 141

Security Boulevard

MAY 2, 2024

The RSA Conference 2024 will kick off on May 6. The company is dedicated to […] The post RSAC 2024 Innovation Sandbox | Aembit: An IAM Platform for Cloud Workloads appeared first on NSFOCUS, Inc., The post RSAC 2024 Innovation Sandbox | Aembit: An IAM Platform for Cloud Workloads appeared first on Security Boulevard.

Cyber Attacks 124

Cyber Attacks Cybersecurity 124

Penetration Testing

MAY 2, 2024

Microsoft’s Senior Security Researcher Vladimir Tokarev will detail a series of critical zero-day vulnerabilities in OpenVPN, the world’s leading VPN solution, used by millions of endpoints globally at the upcoming Black Hat USA 2024... The post Microsoft Researcher to Unveil 4 OpenVPN Zero-Day Vulnerabilities at Black Hat USA (..)

Penetration Testing 145

Penetration Testing VPN 145

Penetration Testing

APRIL 22, 2024

This zero-day flaw, identified as CVE-2024-4040 with a CVSS score of 7.7, poses a severe risk to organizations... The post CVE-2024-4040: CrushFTP Users Targeted in Zero-Day Attack Campaign appeared first on Penetration Testing.

Penetration Testing 136

Penetration Testing Software Risk 136

Tech Republic Security

MAY 3, 2024

The year 2024 is bringing a return to stable tech salary growth in APAC, with AI and data jobs leading the way. This follows downward salary pressure in 2023, after steep increases in previous years.

Digital transformation 123

Digital transformation Big data Artificial Intelligence Technology 123

Penetration Testing

APRIL 29, 2024

Researchers from HiddenLayer have discovered a significant vulnerability in the R programming language, tracked as CVE-2024-27322, that exposes users to arbitrary code execution through deserialized data.

Penetration Testing 128

Penetration Testing Risk 128

Security Boulevard

MAY 1, 2024

The RSA Conference 2024 will kick off on May 6. The company provides services […] The post RSAC 2024 Innovation Sandbox | P0 Security’s Cloud Access Governance Platform appeared first on NSFOCUS, Inc., The post RSAC 2024 Innovation Sandbox | P0 Security’s Cloud Access Governance Platform appeared first on Security Boulevard.

Government 111

Government Cyber Attacks Cybersecurity 111

Security Boulevard

APRIL 27, 2024

The RSA Conference 2024 will kick off on May 6. Introduction of Antimatter […] The post RSAC 2024 Innovation Sandbox | Antimatter: A Comprehensive Data Security Management Tool appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks.

Cyber Attacks 122

Cyber Attacks Network Security Cybersecurity 122

Penetration Testing

APRIL 19, 2024

A recently discovered flaw in the GNU C Library’s (glibc) iconv function (CVE-2024-2961) carries severe implications for web applications built on PHP.

Penetration Testing 145

Penetration Testing 145

Penetration Testing

MARCH 5, 2024

Apple recently pushed out emergency patches to fix two zero-day vulnerabilities (CVE-2024-23225 and CVE-2024-23296) that are already under attack. Hackers were actively using these... The post CVE-2024-23225 & CVE-2024-23296: Apple Patches Actively Exploited 0-Day Flaws appeared first on Penetration Testing.

Penetration Testing 105

Penetration Testing 105

Penetration Testing

APRIL 30, 2024

The vulnerability, tracked as CVE-2024-27790, has been... The post CVE-2024-27790: FileMaker Server Vulnerability Patched, Data Access Risk Addressed appeared first on Penetration Testing.

Penetration Testing 117

Penetration Testing Risk Software 117

Penetration Testing

APRIL 28, 2024

These flaws, if exploited,... The post CVE-2024-32766 (CVSS 10) – QNAP Vulnerability: Hackers Can Hijack Your NAS appeared first on Penetration Testing.

Penetration Testing 145

Penetration Testing Manufacturing Software 145

Penetration Testing

APRIL 18, 2024

The patches address a high-severity vulnerability, designated CVE-2024-20380 (CVSS 7.5), that could allow unauthenticated, remote attackers to crash ClamAV... The post ClamAV Issues Urgent Patch for High-Risk DoS Vulnerability CVE-2024-20380 appeared first on Penetration Testing.

Penetration Testing 136

Penetration Testing Risk Antivirus Software 136

Security Boulevard

APRIL 9, 2024

For April 2024, Microsoft has rolled out a significant update aimed at bolstering the security and performance of its product suite. Key Highlights from April’s Patch Tuesday: Total Updates: This month, … Read More The post Patch Tuesday Update – April 2024 appeared first on Security Boulevard.

Cyber threats 113

Cyber threats 113

Penetration Testing

APRIL 9, 2024

Microsoft’s April 2024 Patch Tuesday release brings a staggering 147 new vulnerability fixes across its software ecosystem.

Penetration Testing 105

Penetration Testing Software Cybersecurity 105

Penetration Testing

MAY 10, 2024

Technical details have emerged about a significant security vulnerability, CVE-2024-21115, which has been discovered in Oracle VM VirtualBox, a widely used product under Oracle Virtualization.

Penetration Testing 94

Penetration Testing 94

Penetration Testing

APRIL 21, 2024

This flaw, designated CVE-2024-29291, affects versions 8.* of... The post Laravel Framework Hit by Data Exposure Vulnerability (CVE-2024-29291) – Database Credentials at Risk appeared first on Penetration Testing. through 11.*

Penetration Testing 141

Penetration Testing Risk Data breaches 141

Penetration Testing

MARCH 22, 2024

These flaws were skillfully exploited during the recent Pwn2Own Vancouver 2024 hacking contest. Zero-Day Dangers Zero-day vulnerabilities... The post Firefox Patches Critical Zero-Day Vulnerabilities Exposed in Pwn2Own 2024 appeared first on Penetration Testing.

Penetration Testing 138

Penetration Testing Hacking 138

Penetration Testing

APRIL 5, 2024

This vulnerability, designated CVE-2024-3116, allows attackers to execute malicious code on servers... The post CVE-2024-3116: Critical pgAdmin Vulnerability Exposes Databases to Remote Attacks appeared first on Penetration Testing.

Penetration Testing 138

Penetration Testing 138

Penetration Testing

MARCH 17, 2024

These vulnerabilities, labeled CVE-2024-28353 and CVE-2024-28354, leave these routers alarmingly exposed to potential remote... The post CVE-2024-28353 & 28354: TRENDnet Router Takeover Flaws Exposed, No Patch Available appeared first on Penetration Testing.

Penetration Testing 143

Penetration Testing 143

Security Boulevard

MAY 2, 2024

50,000 security practitioners are about to attend RSA 2024. The post What to Expect at RSA 2024: Will AI Wreak Havoc on Cybersecurity? Here’s what one expert anticipates for this year’s show. appeared first on Security Boulevard.

Cybersecurity 126

Cybersecurity CISO 126

Security Boulevard

APRIL 5, 2024

trillion in 2024, potentially growing at a 13% compound annual growth rate (CAGR). Enterprise […] The post Expert Insights on IoT Security Challenges in 2024 appeared first on TuxCare. The post Expert Insights on IoT Security Challenges in 2024 appeared first on Security Boulevard.

IoT 112

IoT Marketing Internet Internet 112

Penetration Testing

APRIL 21, 2024

Citrix has released an urgent security advisory regarding a vulnerability (CVE-2024-3902) discovered in its uberAgent software. High), could allow attackers to escalate their privileges within... The post Citrix uberAgent Update for Privilege Escalation Vulnerability (CVE-2024-3902) appeared first on Penetration Testing.

Penetration Testing 115

Penetration Testing Software 115

Penetration Testing

FEBRUARY 11, 2024

This vulnerability, designated CVE-2024-0985 (CVSS 8.0), could allow attackers to execute malicious code with... The post CVE-2024-0985: PostgreSQL’s Critical Security Flaw Exposed appeared first on Penetration Testing.

Penetration Testing 143

Penetration Testing System Administration Software 143