the latest technology in the world
Shutterstock: Wachiwit via ShutterstockMicrosoft issued patches for 60 unique CVEs in its Patch Tuesday security update for March, only two of which are rated as “critical” and needing priority attention. Both affect the Windows Hyper-V virtualization technology: CVE-2024-21407, a remote code execution (RCE) bug; and CVE-2024-21408, which is a denial-of-service (DoS) vulnerability. The update includes fixes
Google made it to the headlines, again.Instead of making a controversial move, this time, we are talking about a remedy move to save themselves from another class-action suit.So, what’s the story? Here we go:Google was already in the middle of a class-action lawsuit regarding the incognito mode, where they were accused of tracking user activity.
Framework Computer disclosed a data breach exposing the personal information of an undisclosed number of customers after Keating Consulting Group, its accounting service provider, fell victim to a phishing attack. The California-based manufacturer of upgradeable and modular laptops says a Keating Consulting accountant was tricked on January 11 by a threat actor impersonating Framework’s CEO into
During research into an older Microsoft Outlook privilege escalation vulnerability, Akamai discovered two new flaws that can be chained for a zero-click RCE exploit. By Arielle Waldman, News Writer Published: 18 Dec 2023 While examining a previous bypass mitigation, Akamai Technologies discovered two new Windows vulnerabilities that could allow an attacker to create a zero-click
A manual workaround is currently available for a critical VMware Cloud Director Appliance flaw, tracked as CVE-2023-34060, but no patch is available at press time. By Alexander Culafi, Senior News Writer Published: 15 Nov 2023 VMware on Tuesday disclosed a critical vulnerability in appliance versions of its cloud service delivery platform, and a patch is
VMware disclosed a critical and unpatched authentication bypass vulnerability affecting Cloud Director appliance deployments. Cloud Director enables VMware admins to manage their organizations’ cloud services as part of Virtual Data Centers (VDC). The auth bypass security flaw only affects appliances running VCD Appliance 10.5 that were previously upgraded from an older release. The company also added
Pierluigi Paganini November 03, 2023 Researchers disclosed four zero-day flaws in Microsoft Exchange that can be remotely exploited to execute arbitrary code or disclose sensitive information on vulnerable installs. Trend Micro’s Zero Day Initiative (ZDI) disclosed four zero-day vulnerabilities in Microsoft Exchange that can be remotely exploited by an authenticated attacker to execute arbitrary code
1Password Discloses Security Incident Linked To Okta Breach (bleepingcomputer.com) Posted by BeauHD on Monday October 23, 2023 @09:25PM from the fallout-continues dept. Lawrence Abrams reports via BleepingComputer: 1Password, a popular password management platform used by over 100,000 businesses, suffered a security breach after hackers gained access to its Okta ID management tenant. “We detected suspicious
Sony‘s game division this week notified about 6,800 current and former employees, as well as affected family members, that their personal info may have been exposed in a hack earlier this year. The news was first reported by Bleeping Computer. Sony Interactive Entertainment did not immediately respond to a request for comment. Information about Sony’s
Apple released emergency security updates to fix two new zero-day vulnerabilities exploited in attacks targeting iPhone and Mac users, for a total of 13 exploited zero-days patched since the start of the year. “Apple is aware of a report that this issue may have been actively exploited,” the company revealed in security advisories describing the
