Friday, November 22, 2024
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

Exploits and vulnerabilities

MalwareBytes Security 

Patch now! September Microsoft Patch Tuesday includes two actively exploited zero-days

admin , , , , , , , , , , , , , ,

Categories: Business

Categories: Exploits and vulnerabilities

Categories: News

Tags: Microsoft

Tags: Adobe

Tags: Android

Tags: Apple

Tags: Chrome

Tags: SAP

Tags: Exchange

Tags: Visual Studio

Tags: CVE-2023-36761

Tags: CVE-2023-36802

Tags: CVE-2023-29332

Tags: Azure

Microsoft’s September 2023 Patch Tuesday is another important one. It patches two vulnerabilities which are known to be actively exploited.

(Read more…)

The post Patch now! September Microsoft Patch Tuesday includes two actively exploited zero-days appeared first on Malwarebytes Labs.

Read more
MalwareBytes Security 

Update Chrome now! Google patches critical vulnerability being exploited in the wild

admin , , , , , , ,

Categories: Exploits and vulnerabilities

Categories: News

Tags: Google

Tags: Chrome

Tags: CVE-2023-4863

Tags: WebP

Tags: buffer overflow

Tags: 116.0.5845.187/.188

Chrome users are being urged to patch a critical vulnerability for which an exploit is available.

(Read more…)

The post Update Chrome now! Google patches critical vulnerability being exploited in the wild appeared first on Malwarebytes Labs.

Read more
MalwareBytes Security 

Two Apple issues added by CISA to its catalog of known exploited vulnerabilities

admin , , , , , , , , , ,

Categories: Exploits and vulnerabilities

Categories: News

Tags: Blastpass

Tags: citizenlab

Tags: pegasus

Tags: nso

Tags: cisa

Tags: apple

Tags: cve-2023-41064

Tags: cve-2023-41061

Tags: buffer overflow

CISA has added two recently discovered Apple vulnerabilities to its catalog of known exploited vulnerabilities.

(Read more…)

The post Two Apple issues added by CISA to its catalog of known exploited vulnerabilities appeared first on Malwarebytes Labs.

Read more
MalwareBytes Security 

FBI confirms Barracuda patch is not effective for exploited ESG appliances

admin , , , , , ,

Categories: Exploits and vulnerabilities

Categories: News

Tags: Barracuda ESG

Tags: CVE-2023-2868

Tags: SEASPY

Tags: SUBMARINE

Tags: WHIRLPOOL

The FBI repeats the warning by Barracuda that all ESG appliances should immediately be replaced because the patch was ineffective.

(Read more…)

The post FBI confirms Barracuda patch is not effective for exploited ESG appliances appeared first on Malwarebytes Labs.

Read more
MalwareBytes Security 

Update now! Google Chrome’s first weekly update has arrived

admin , , , , , , , , , ,

Categories: Exploits and vulnerabilities

Tags: stable channel

Tags: weekly updates

Tags: CVE-2023-4427

Tags: CVE-2023-4428

Tags: CVE-2023-4429

Tags: CVE-2023-4430

Tags: CVE-2023-4431

Tags: use after free

Tags: out of bounds

Tags: heap corruption

The first of Chrome’s now weekly security updates fixes five vulnerabilities.

(Read more…)

The post Update now! Google Chrome’s first weekly update has arrived appeared first on Malwarebytes Labs.

Read more
MalwareBytes Security 

[updated] Ivanti Sentry critical vulnerability—don’t play dice, patch

admin , , , , , , ,

Categories: Exploits and vulnerabilities

Categories: News

Tags: Ivanti

Tags: Sentry

Tags: MobileIron

Tags: CVE-2023-38035

Tags: MICS

Tags: port 8443

There is some uncertainty about whether a vulnerability in Ivanti Sentry is being exploited in the wild, but why take the risk when you can patch?

(Read more…)

The post [updated] Ivanti Sentry critical vulnerability—don’t play dice, patch appeared first on Malwarebytes Labs.

Read more
MalwareBytes Security 

Ivanti Sentry critical vulnerability—don’t play dice, patch

admin , , , , , , ,

Categories: Exploits and vulnerabilities

Categories: News

Tags: Ivanti

Tags: Sentry

Tags: MobileIron

Tags: CVE-2023-38035

Tags: MICS

Tags: port 8443

There is some uncertainty about whether a vulnerability in Ivanti Sentry is being exploited in the wild, but why take the risk when you can patch?

(Read more…)

The post Ivanti Sentry critical vulnerability—don’t play dice, patch appeared first on Malwarebytes Labs.

Read more
MalwareBytes Security 

Adobe ColdFusion vulnerability exploited in the wild

admin , , , , , , , ,

Categories: Exploits and vulnerabilities

Categories: News

Tags: Adobe

Tags: ColdFusion

Tags: CVE-2023-26359

Tags: CVE-2023-26360

Tags: critical

Tags: known exploited

Tags: deserialization

A second Adobe ColdFusion vulnerability that was patched in April has been added to CISA’s known exploited vulnerabilities catalog.

(Read more…)

The post Adobe ColdFusion vulnerability exploited in the wild appeared first on Malwarebytes Labs.

Read more