Lucene search
K

543 matches found

Malwarebytes
Malwarebytes
added 2024/03/21 9:22 p.m.30 views

Patch Ivanti Standalone Sentry and Ivanti Neurons for ITSM now

Ivanti has issued patches for two vulnerabilities. One was discovered in the Ivanti Standalone Sentry, which impacts all supported versions 9.17.0, 9.18.0, and 9.19.0. Older versions are also at risk. The other vulnerability impacts all supported versions of Ivanti Neurons for ITSM—2023.3, 2023.2...

8AI score0.12844EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2024/03/13 4:32 p.m.26 views

How to update outdated software on Mac endpoints: Introducing ThreatDown VPM for Mac

ThreatDown is happy to announce that our Vulnerability Assessment and Patch Management VPM tool is now available for Mac endpoints. There are hundreds of third-party apps that Mac endpoint use on a daily basis—and with that large number of apps comes a dizzying amount of software updates to apply...

7.2AI score
Exploits0
CNNVD
CNNVD
added 2024/03/11 12:0 a.m.5 views

Number withdrawn

ZOHO ManageEngine Desktop Central DC is a desktop management solution from ZOHO. The solution includes software distribution, patch management, system configuration, remote control, and other functional modules to support the entire lifecycle of desktop and server management. This CVE number has...

6.9AI score
Exploits0References2
OSV
OSV
added 2024/03/01 8:9 p.m.13 views

GHSA-4G2X-VQ5P-5VJ6 Budibase affected by VM2 Constructor Escape Vulnerability

Impact Previously, budibase used a library called vm2 for code execution inside the Budibase builder and apps, such as the UI below for configuring bindings in the design section. Due to a vulnerability in vm2, any environment that executed the code server side automations and column formulas was...

9.8CVSS8AI score
Exploits0References4
hivepro
hivepro
added 2024/02/29 1:7 p.m.16 views

Uni5 Xposure: The Top 5 Benefits of Integrating With Patch Management Tools

What Does Uni5 Xposure Do? Uni5 Xposure is a comprehensive security solution tailored to conquer the challenges of risk-based vulnerability management and its evolved form, threat exposure management. Through its robust suite of features, Uni5 Xposure offers a dynamic approach to security...

7.5AI score
Exploits0
Qualys Blog
Qualys Blog
added 2024/02/15 4:36 p.m.21 views

Ransomware Reality Check: Deciphering Priorities in a Sea of Cyber Extortion

Welcome to a critical exploration of the 2023 Cyber Vulnerability Landscape, with a specific focus on the escalating threat of ransomware. I have previously shared the broader results we found in evaluating the 2023 threat landscape; this is now a deeper dive into what the data reveals specifical...

8.5AI score
Exploits0
Qualys Blog
Qualys Blog
added 2024/01/31 3:32 p.m.17 views

Qualys Patch Management: A Review of New Features in 2023 for Faster Elimination of Cyber Risk

The recent debut of Qualys’ Enterprise TruRisk Platform promises three key benefits: measuring, communicating, and eliminating cyber risk across the extended enterprise. Qualys Patch Management plays a pivotal role in this process towards the rapid elimination of cyber risk. Our focus during 2023...

7.1AI score
Exploits0
Qualys Blog
Qualys Blog
added 2024/01/30 5:12 p.m.11 views

Advancing Cybersecurity Management With Qualys Cloud Agent

In the first part of our series, we discussed the significant enhancements in Reduced Activity Periods RAP and Enhanced Capabilities for VDI in the Qualys Cloud Agent. In this second part of the series, we continue our exploration into the other two pivotal enhancements of this upgrade: 1. Agent...

7.1AI score
Exploits0
Qualys Blog
Qualys Blog
added 2024/01/22 4:48 p.m.21 views

Reduce Risk Faster With the Qualys Risk Reduction Recommendation Report

New vulnerabilities are found almost daily. However, most organizations struggle to identify, prioritize, and remediate vulnerabilities efficiently—making their environments vulnerable to risk. Last year, Qualys introduced Qualys VMDR with TruRiskTM, which helps organizations quantify cyber risk ...

7.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/01/19 1:2 p.m.37 views

CISA urges urgent patching of two actively exploited Citrix NetScaler vulnerabilities

The Cybersecurity and Infrastructure Security Agency CISA has added two Citrix NetScaler vulnerabilities to its Known Exploited Vulnerabilities catalog, and it has set the “due date” a week after they were added. Federal Civilian Executive Branch FCEB agencies are handed specific deadlines for wh...

6.5CVSS8.6AI score0.57633EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2024/01/15 8:13 a.m.22 views

A week in security (January 8 – January 14)

Last week on Malwarebytes Labs: FCC wants cars to make life harder for stalkers Joomla! vulnerability is being actively exploited Act now! Ivanti vulnerabilities are being actively exploited Ransomware review: January 2024 Info-stealers can steal cookies for permanent access to your Google accoun...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/12/21 9:35 p.m.26 views

How does ThreatDown Vulnerability Assessment and Patch Management work?

Maintaining updated systems and applications is a challenge for any IT team—especially considering the sheer volume of vulnerabilities organizations must find and prioritize on a rolling basis. ThreatDown Vulnerability Assessment VA, now included for free in every ThreatDown bundle, simplifies th...

7.2AI score
Exploits0
Talos Blog
Talos Blog
added 2023/12/14 12:21 p.m.13 views

Recommendations that defenders can use from Talos’ Year in Review Report

The Talos Year in Review is available now and contains a wealth of insights about how the threat landscape has shifted in 2023. With new ransomware strains emerging from leaked source code, commodity loaders adding more reconnaissance measures to their belts, and geopolitical events influencing A...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/12/07 12:7 p.m.64 views

Android phones can be taken over remotely – update when you can

Android phones are vulnerable to attacks that could allow someone to takeover a device remotely without the device owner needing to do anything. Updates for these vulnerabilities and more are included in Googles Android security bulletin for December. In total, there are patches for 94...

5.8CVSS8.4AI score0.1308EPSS
Exploits1
Malwarebytes
Malwarebytes
added 2023/12/06 2:15 p.m.38 views

Adobe Coldfusion vulnerability used in attacks on government servers

The Cybersecurity and Infrastructure Security Agency CISA put out a Cybersecurity Advisory CSA to alert government agencies about cybercriminals using a vulnerability in Adobe Coldfusion to gain initial access to servers. Adobe ColdFusion is a platform for building and deploying web and mobile...

5CVSS8.2AI score0.97339EPSS
Exploits13
Qualys Blog
Qualys Blog
added 2023/11/09 10:0 p.m.30 views

QSC23 – Qualys Announces a Directional Shift to Measure, Communicate, and Eliminate Cyber Risk with New Platform and Solutions

The 2023 Qualys Security Conference QSC started wrapping up on Thursday, November 9th, with two days of new technology announcements, impactful customer use cases, and thought-provoking talks from a host of engaging speakers, including Rachel Wilson, Managing Director at Morgan Stanley and Frank...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/10/26 5:52 a.m.12 views

Patch…later? Safari iLeakage bug not fixed

Apple has released updates for its phones, Macs, iPads, watches, and TV streaming devices, fixing a bunch of security problems. But amid all that activity, one fix is notably absent—there is nothing to address the vulnerability dubbed iLeakage. iLeakage is a side-channel attack that can force the...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/10/25 6:44 a.m.43 views

Update vCenter Server now! VMWare fixes critical vulnerability

VMWare has issued an update to address one out-of-bounds write and one information disclosure vulnerability in its server management software, vCenter Server. Since there are no in-product workarounds, customers are advised to apply the updates urgently. The affected products are VMware vCenter...

7.5CVSS7.4AI score0.99428EPSS
Exploits1
OSV
OSV
added 2023/10/11 6:15 a.m.2 views

CVE-2022-42451

Certain credentials within the BigFix Patch Management Download Plug-ins are stored insecurely and could be exposed to a local privileged user...

4.4CVSS5.8AI score0.0015EPSS
Exploits0References1
NVD
NVD
added 2023/10/11 6:15 a.m.20 views

CVE-2022-42451

Certain credentials within the BigFix Patch Management Download Plug-ins are stored insecurely and could be exposed to a local privileged user...

4.6CVSS4.5AI score0.0015EPSS
Exploits0References1
Rows per page
Query Builder