exploited – Page 5 – WindowsTechs.com

Check Point VPN Attacks Involve Zero-Day Exploited Since April

Posted on May 30, 2024 by Eduard Kovacs

The recently disclosed Check Point VPN attacks involve the zero-day vulnerability CVE-2024-24919, which allows hackers to obtain passwords.
The post Check Point VPN Attacks Involve Zero-Day Exploited Since April appeared first on SecurityWeek.
Continue reading Check Point VPN Attacks Involve Zero-Day Exploited Since April→

CISA Warns of Attacks Exploiting NextGen Healthcare Mirth Connect Flaw

Posted on May 21, 2024 by Eduard Kovacs

CISA has added CVE-2023-43208, an unauthenticated remote code execution vulnerability, to its KEV catalog.
The post CISA Warns of Attacks Exploiting NextGen Healthcare Mirth Connect Flaw appeared first on SecurityWeek.
Continue reading CISA Warns of Attacks Exploiting NextGen Healthcare Mirth Connect Flaw→

Third Chrome Zero-Day Patched by Google Within One Week

Posted on May 16, 2024 by Ionut Arghire

Google releases Chrome 125 to the stable channel with patches for nine vulnerabilities, including a zero-day.
The post Third Chrome Zero-Day Patched by Google Within One Week appeared first on SecurityWeek.
Continue reading Third Chrome Zero-Day Patched by Google Within One Week→

Google Patches Second Chrome Zero-Day in One Week

Posted on May 14, 2024 by Eduard Kovacs

Google has patched CVE-2024-4761, the second exploited vulnerability addressed by the company within one week.
The post Google Patches Second Chrome Zero-Day in One Week appeared first on SecurityWeek.
Continue reading Google Patches Second Chrome Zero-Day in One Week→

Exploited Chrome Zero-Day Patched by Google

Posted on May 10, 2024 by Eduard Kovacs

A Chrome 124 update patches the second Chrome zero-day that has been found to be exploited in malicious attacks in 2024.
The post Exploited Chrome Zero-Day Patched by Google appeared first on SecurityWeek.
Continue reading Exploited Chrome Zero-Day Patched by Google→

1,400 GitLab Servers Impacted by Exploited Vulnerability

Posted on May 2, 2024 by Ionut Arghire

CISA says a critical GitLab password reset flaw is being exploited in attacks and roughly 1,400 servers have not been patched.
The post 1,400 GitLab Servers Impacted by Exploited Vulnerability appeared first on SecurityWeek.
Continue reading 1,400 GitLab Servers Impacted by Exploited Vulnerability→

Palo Alto Networks Shares Remediation Advice for Hacked Firewalls

Posted on April 25, 2024 by Eduard Kovacs

Palo Alto Networks has shared remediation instructions for organizations whose firewalls have been hacked via CVE-2024-3400.
The post Palo Alto Networks Shares Remediation Advice for Hacked Firewalls appeared first on SecurityWeek.
Continue reading Palo Alto Networks Shares Remediation Advice for Hacked Firewalls→

CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation

Posted on April 24, 2024 by Ionut Arghire

CISA warns organizations of a two-year-old Windows Print Spooler vulnerability being exploited in the wild.
The post CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation appeared first on SecurityWeek.
Continue reading CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation→

CrushFTP Patches Exploited Zero-Day Vulnerability

Posted on April 22, 2024 by Ionut Arghire

CrushFTP patches a zero-day vulnerability allowing unauthenticated attackers to escape the VFS and retrieve system files.
The post CrushFTP Patches Exploited Zero-Day Vulnerability appeared first on SecurityWeek.
Continue reading CrushFTP Patches Exploited Zero-Day Vulnerability→

Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability

Posted on April 22, 2024 by Ionut Arghire

Shadowserver has identified roughly 6,000 internet-accessible Palo Alto Networks firewalls potentially vulnerable to CVE-2024-3400.
The post Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability appeared first on SecurityWee… Continue reading Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability →