Lucene search
K

2476 matches found

The Hacker News
The Hacker News
added 2023/06/06 11:44 a.m.33 views

5 Reasons Why IT Security Tools Don't Work For OT

Attacks on critical infrastructure and other OT systems are on the rise as digital transformation and OT/IT convergence continue to accelerate. Water treatment facilities, energy providers, factories, and chemical plants — the infrastructure that undergirds our daily lives could all be at risk...

6.7AI score
Exploits0
Talos Blog
Talos Blog
added 2023/06/02 12:0 p.m.11 views

Cybersecurity for businesses of all sizes: A blueprint for protection

One of the primary reasons why cybersecurity remains a complex undertaking is the increased sophistication of modern cyber threats. As the internet and digital technologies continue to advance, so do the methods and tools cybercriminals use. This means that even the most secure systems are...

6.7AI score
Exploits0
Fedora
Fedora
added 2023/05/29 1:7 a.m.37 views

[SECURITY] Fedora 38 Update: bottles-51.6-1.fc38

Easily manage Wine prefix in a new way! Run Windows software and games on Linux. Features: Create bottles based on environments a set of rule and dependencies for better software compatibility Access to a customizable environment for all your experiments Run every executable .exe/.msi in your...

7.8CVSS7.6AI score0.0047EPSS
Exploits0
Wiz blog
Wiz blog
added 2023/05/25 7:20 p.m.19 views

Bridging the Security Gap: Mitigating Lateral Movement Risks from On-Premises to Cloud Environments

This blog post will discuss lateral movement risks from on-prem to the cloud. We will explain attacker TTPs, and outline best practices for cloud builders and defenders to help secure their cloud environments and mitigate risk...

6.9AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/05/23 1:0 p.m.10 views

Casting a Light on Shadow IT in Cloud Environments

What is Shadow IT? The term “Shadow IT” refers to the use of systems, devices, software, applications, and services without explicit IT approval. This typically occurs when employees adopt consumer products to increase productivity or just make their lives easier. This type of Shadow IT can be...

6.9AI score
Exploits0
OSV
OSV
added 2023/05/23 11:56 a.m.5 views

USN-6099-1 ncurses vulnerabilities

It was discovered that ncurses was incorrectly performing bounds checks when processing invalid hashcodes. An attacker could possibly use this issue to cause a denial of service or to expose sensitive information. This issue only affected Ubuntu 18.04 LTS. CVE-2019-17594 It was discovered that...

8.8CVSS6.9AI score0.03005EPSS
Exploits5References6
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/22 11:34 a.m.59 views

Security Bulletin: A vulnerability in IBM Java SDK affects IBM Tivoli Monitoring for Virtual Environments Agent for Linux Kernel-based Virtual Machines (CVE-2023-30441)

Summary The security issue described in CVE-2023-30441 has been identified in IBM Tivoli Monitoring for Virtual Environments Agent for Linux Kernel-based Virtual Machines Vulnerability Details CVEID:CVE-2023-30441 DESCRIPTION: IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE...

7.5CVSS7.2AI score0.00609EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/22 11:24 a.m.27 views

Security Bulletin: A vulnerability in IBM Java SDK affects IBM Tivoli Monitoring for Virtual Environments Base(CVE-2023-30441)

Summary The security issue described in CVE-2023-30441 has been identified in IBM Tivoli Monitoring for Virtual Environments Base VMware Agent Vulnerability Details CVEID:CVE-2023-30441 DESCRIPTION: IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0 through 8.0.7.11...

7.5CVSS7.4AI score0.00609EPSS
Exploits0Affected Software1
hivepro
hivepro
added 2023/05/17 11:42 a.m.11 views

8220 Gang Exploiting Vulnerabilities in Cloud Environments for Cryptocurrency Mining

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary The 8220 Gang is a cyber threat group that targets cloud and container environments, exploiting vulnerabilities in applications like Oracle WebLogic, Apache Log4j, and Atlassian Confluence. To receive...

6.8AI score
Exploits0
RedHat Linux
RedHat Linux
added 2023/05/09 10:3 a.m.39 views

Moderate: Red Hat Security Advisory: toolbox security and bug fix update

An update for toolbox is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.5CVSS6.7AI score0.05623EPSS
Exploits1References7
Citrix
Citrix
added 2023/05/03 12:0 a.m.6 views

Migrating pooled licenses to new ADM server

In this document, you’ll discover how to migrate Citrix ADM Application Delivery Management on-premises to Citrix ADM service. Migrating to cloud resources modernizes your deployment, providing enhanced elasticity, scalability, and management. The guidance documented here is based on deployment i...

7AI score
Exploits0
Gitee
Gitee
added 2023/05/01 12:0 a.m.9 views

Exploit for Improper Encoding or Escaping of Output in F5 Nginx

This is a repository for Vulhub, a collection of vulnerable environments for testing and learning about web application security. The repository contains a variety of vulnerable environments, including web servers, databases, and applications, which can be used to test and demonstrate various typ...

9.8CVSS7AI score0.99686EPSS
Exploits53
Ubuntu
Ubuntu
added 2023/04/26 1:39 p.m.164 views

USN-6043-1: Linux kernel vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...

7.8CVSS7AI score0.0788EPSS
Exploits15
The Hacker News
The Hacker News
added 2023/04/26 11:46 a.m.2 views

Browser Security Survey: 87% of SaaS Adopters Exposed to Browser-borne Attacks

The browser serves as the primary interface between the on-premises environment, the cloud, and the web in the modern enterprise. Therefore, the browser is also exposed to multiple types of cyber threats and operational risks. In light of this significant challenge, how are CISOs responding?...

7.2AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2023/04/20 4:0 p.m.25 views

Microsoft Entra delivers 240 percent ROI, according to new Forrester study

Every day we easily move between apps and devices while identity professionals work hard behind the scenes to improve technologies that make this digital experience more secure. With nearly 50 percent of data breaches caused by stolen credentials, its important for identity professionals to arm...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/20 11:56 a.m.36 views

Beyond Traditional Security: NDR's Pivotal Role in Safeguarding OT Networks

Why is Visibility into OT Environments Crucial? The significance of Operational Technology OT for businesses is undeniable as the OT sector flourishes alongside the already thriving IT sector. OT includes industrial control systems, manufacturing equipment, and devices that oversee and manage...

6.2AI score
Exploits0
Ubuntu
Ubuntu
added 2023/04/19 1:17 a.m.77 views

USN-6024-1: Linux kernel vulnerabilities

It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-1281 Lin Ma discovered a race condition in t...

7.8CVSS7.2AI score0.00964EPSS
Exploits4
Debian CVE
Debian CVE
added 2023/04/18 7:54 p.m.36 views

CVE-2023-21954

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit...

5.9CVSS5.7AI score0.01421EPSS
Exploits0
The Hacker News
The Hacker News
added 2023/04/18 9:5 a.m.52 views

Iranian Hackers Using SimpleHelp Remote Support Software for Persistent Access

The Iranian threat actor known as MuddyWater is continuing its time-tested tradition of relying on legitimate remote administration tools to commandeer targeted systems. While the nation-state group has previously employed ScreenConnect, RemoteUtilities, and Syncro, a new analysis from Group-IB h...

6.7AI score
Exploits0
CNNVD
CNNVD
added 2023/04/18 12:0 a.m.3 views

Schneider Electric EcoStruxure Power Monitoring Expert 代码问题漏洞

The Schneider Electric EcoStruxure Power Monitoring Expert is a device from Schneider Electric France that is used to perform power distribution monitoring in IoT environments. The Schneider Electric EcoStruxure Power Monitoring Expert has a code issue vulnerability that stems from the presence o...

8.8CVSS7.9AI score0.00318EPSS
Exploits0References2
Rows per page
Query Builder