Category: Uncategorized
-

New OpenSSH Vulnerability Discovered: Potential Remote Code Execution Risk [email protected] (The Hacker News)
Select versions of the OpenSSH secure networking suite are susceptible to a new vulnerability that can trigger remote code execution (RCE). The vulnerability, tracked as CVE-2024-6409 (CVSS score: 7.0), is distinct from CVE-2024-6387 (aka RegreSSHion) and relates to a case of code execution in the privsep child process due to a race condition in signal…
-
Microsoft Warns of Windows Hyper-V Zero-Day Being Exploited Ryan Naraine
Patch Tuesday: Microsoft patches more than 140 security vulnerabilities in the Windows ecosystem, including a pair of exploited zero-days. The post Microsoft Warns of Windows Hyper-V Zero-Day Being Exploited appeared first on SecurityWeek. Read More
-
Adobe Issues Critical Patches for Multiple Products, Warns of Code Execution Risks Ryan Naraine
Adobe documents at least seven code execution bugs affecting Adobe Premiere Pro, Adobe InDesign and Adobe Bridge on Windows and macOS. The post Adobe Issues Critical Patches for Multiple Products, Warns of Code Execution Risks appeared first on SecurityWeek. Read More
-
BlastRADIUS Attack Exposes Critical Flaw in 30-Year-Old RADIUS Protocol Ryan Naraine
Security vendor InkBridge Networks calls urgent attention to the discovery of a decades-old design flaw in the widely used RADIUS protocol. The post BlastRADIUS Attack Exposes Critical Flaw in 30-Year-Old RADIUS Protocol appeared first on SecurityWeek. Read More
-
Command Zero Emerges From Stealth Mode to Speed Up Cyber Investigations Ionut Arghire
Command Zero has emerged from stealth mode with $21 million in a seed funding round led by Andreessen Horowitz. The post Command Zero Emerges From Stealth Mode to Speed Up Cyber Investigations appeared first on SecurityWeek. Read More
-
Governments issue warning on China’s APT40 attacks
Post ContentRead More
-
SAP Patches High-Severity Vulnerabilities in PDCE, Commerce Ionut Arghire
Patch Tuesday: Enterprise software vendor SAP releases patches for high-severity vulnerabilities in multiple products and tools. The post SAP Patches High-Severity Vulnerabilities in PDCE, Commerce appeared first on SecurityWeek. Read More
-
Evolve Bank Data Breach Impacts 7.6 Million People Ionut Arghire
Evolve Bank says personal information of more than 7.6 million individuals was compromised in a ransomware attack. The post Evolve Bank Data Breach Impacts 7.6 Million People appeared first on SecurityWeek. Read More
-

RADIUS Protocol Vulnerability Exposes Networks to MitM Attacks [email protected] (The Hacker News)
Cybersecurity researchers have discovered a security vulnerability in the RADIUS network authentication protocol called BlastRADIUS that could be exploited by an attacker to stage Mallory-in-the-middle (MitM) attacks and bypass integrity checks under certain circumstances. “The RADIUS protocol allows certain Access-Request messages to have no integrity or authentication checks,” InkBridgeRead More
-
Ransomware Gang Leaks Data Allegedly Stolen from Florida Department of Health Ionut Arghire
The Ransomhub ransomware gang has claimed the theft of 100GB of data from the Florida Department of Health. The post Ransomware Gang Leaks Data Allegedly Stolen from Florida Department of Health appeared first on SecurityWeek. Read More
