Collaborate Disseminate
Google’s open-source tool Vanir enables Android developers to quickly scan custom platform code for missing or applicable security patches. By automating patch validation, Vanir helps OEMs deliver critical security updates faster, enhancing the s… Continue reading Vanir: Open-source security patch validation for Android
Nostalgia is a funny thing. If you experienced the early days of video games in the 1980s and 90s, there’s a good chance you remember those games looking a whole …read more Continue reading Cranking Up the Detail in a Flight Simulator from 1992
OpenPaX is an open-source kernel patch that mitigates common memory safety errors, re-hardening systems against application-level memory safety attacks using a simple Linux kernel patch. It’s available under the same GPLv2 license terms as the Li… Continue reading OpenPaX: Open-source kernel patch that mitigates memory safety errors
In the last couple of days, Fortinet has released critical security updates for FortiManager, to fix a critical vulnerability that is reportedly being exploited by Chinese threat actors. Security updates are trickling out The company, which is known fo… Continue reading Fortinet releases patches for undisclosed critical FortiManager vulnerability
Investigation of the use-after-free flaw is ongoing, but organizations and individual users can update Firefox now for a fix. Continue reading Firefox Update Patches Exploited Vulnerability
SolarWinds has issued a Web Help Desk hotfix to remove hardcoded credentials from last week’s hotfix for a critical-severity vulnerability.
The post SolarWinds Leaks Credentials in Hotfix for Exploited Web Help Desk Flaw appeared first on SecurityWeek.
Continue reading SolarWinds Leaks Credentials in Hotfix for Exploited Web Help Desk Flaw
Zyxel has released patches for three critical vulnerabilities (CVE-2024-29972, CVE-2024-29973, and CVE-2024-29974) affecting two network-attached storage (NAS) devices that have recently reached end-of-vulnerability-support. About the vulnerabilities T… Continue reading Zyxel patches critical flaws in EOL NAS devices
The thunderstorms of April patches have passed, and it has been pretty calm leading up to May 2024 Patch Tuesday. April 2024 Patch Tuesday turned out to be a busy one with 150 new CVEs addressed by Microsoft. There were 91 CVEs fixed in Windows 10, 69 … Continue reading May 2024 Patch Tuesday forecast: A reminder of recent threats and impact
On February 19, ConnectWise reported two vulnerabilities in its ScreenConnect product, CVE-2024-1708 and 1709. The first is an authentication bypass vulnerability, and the second is a path traversal vulnerability. Both made it possible for attackers to bypass authentication processes and execute remote code. While ConnectWise initially reported that the vulnerabilities had proof-of-concept but hadn’t been […]
The post Remote access risks on the rise with CVE-2024-1708 and CVE-2024-1709 appeared first on Security Intelligence.
Continue reading Remote access risks on the rise with CVE-2024-1708 and CVE-2024-1709
SaaS-based, AI-assisted penetration service allows proactive defensive action against exploitation of new vulnerabilities.
The post Horizon3.ai Introduces AI-Assisted Service to Prioritize and Patch Vulnerabilities Faster appeared first on SecurityWeek.
Continue reading Horizon3.ai Introduces AI-Assisted Service to Prioritize and Patch Vulnerabilities Faster