21 C
New York

Tag: code execution

North Korean Hackers Exploited Chrome Zero-Day to Target Fintech, IT, and Media Firms

Google's Threat Analysis Group (TAG) on Thursday disclosed that it acted to mitigate threats from two distinct government-backed attacker groups based in North Korea that exploited a recently-uncovered remote code execution flaw in the Chrome web browser. The campaigns, once again "reflective of the regime's immediate concerns and priorities," are said to have targeted U.S. based organizations

Top News

Testnet for decentralized limit trading protocol DeGate goes live

DeGate, a decentralized exchange (DEX) protocol built on zero-knowledge technology, today announced the release of its testnet. Following testnet, plans call for the launch of the mainnet this summer. Zero-knowledge (ZK)-based DEX Gas fees are a major concern on Ethereum. Conventional AMM DEXs incur high gas fees on Ethereum and provide only market orders, where […]

The post Testnet for decentralized limit trading protocol DeGate goes live appeared first on CryptoNinjas.

Critical RCE Bugs Found in Pascom Cloud Phone System Used by Businesses

Researchers have disclosed three security vulnerabilities affecting Pascom Cloud Phone System (CPS) that could be combined to achieve a full pre-authenticated remote code execution of affected systems. Kerbit security researcher Daniel Eshetu said the shortcomings, when chained together, can lead to "an unauthenticated attacker gaining root on these devices." Pascom Cloud Phone System is an

Microsoft Patches Critical Exchange Server Flaw

Remote code execution vulnerability among 71 bug fixes issued in March Patch Tuesday.

Patch Tuesday: Microsoft Fixes Multiple Code Execution Flaws

Microsoft's Patch Tuesday bundle for this month is a big one: 74 documented vulnerabilities in multiple Windows products and components, some serious enough to lead to remote code execution attacks.

read more

Tag Template - News Hub PRO Tag Template - News Hub PRO Tag Template - News Hub PRO Tag Template - News Hub PRO Tag Template - News Hub PRO Tag Template - News Hub PRO Tag Template - News Hub PRO Tag Template - News Hub PRO

Medical and IoT Devices From More Than 100 Vendors Vulnerable to Attack

PTC has issued patches for seven vulnerabilities — three critical — in its widely used Axeda remote management technology.

New 16 High-Severity UEFI Firmware Flaws Discovered in Millions of HP Devices

Cybersecurity researchers on Tuesday disclosed 16 new high-severity vulnerabilities in various implementations of Unified Extensible Firmware Interface (UEFI) firmware impacting multiple HP enterprise devices. The shortcomings, which have CVSS scores ranging from 7.5 to 8.8, have been uncovered in HP's UEFI firmware. The variety of devices affected includes HP's laptops, desktops, point-of-sale
Tag Template - News Hub PRO

Adobe Patches ‘Critical’ Security Flaws in Illustrator, After Effects

Software maker Adobe on Tuesday shipped urgent security updates to fix code execution vulnerabilities in the widely deployed Illustrator and After Effects products.

read more

Tag Template - News Hub PRO Tag Template - News Hub PRO Tag Template - News Hub PRO Tag Template - News Hub PRO Tag Template - News Hub PRO Tag Template - News Hub PRO Tag Template - News Hub PRO Tag Template - News Hub PRO

Medical, IoT Devices From Many Manufacturers Affected by ‘Access:7’ Vulnerabilities

Many IoT and medical devices are affected by seven potentially serious vulnerabilities discovered in widely used remote management software, according to enterprise security company Forescout.

read more

Tag Template - News Hub PRO Tag Template - News Hub PRO Tag Template - News Hub PRO Tag Template - News Hub PRO Tag Template - News Hub PRO Tag Template - News Hub PRO Tag Template - News Hub PRO Tag Template - News Hub PRO

Critical “Access:7” Supply Chain Vulnerabilities Impact ATMs, Medical and IoT Devices

As many as seven security vulnerabilities have been disclosed in PTC's Axeda software that could be weaponized to gain unauthorized access to medical and IoT devices. Collectively called "Access:7," the weaknesses – three of which are rated Critical in severity – potentially affect more than 150 device models spanning over 100 different manufacturers, posing a significant supply chain risk.

The Continuing Threat of Unpatched Security Vulnerabilities

Unpatched software is a computer code containing known security weaknesses. Unpatched vulnerabilities refer to weaknesses that allow attackers to leverage a known security bug that has not been patched by running malicious code. Software vendors write additions to the codes, known as "patches," when they come to know about these application vulnerabilities to secure these weaknesses. Adversaries

Critical Bugs in TerraMaster TOS Could Open NAS Devices to Remote Hacking

Researchers have disclosed details of critical security vulnerabilities in TerraMaster network-attached storage (TNAS) devices that could be chained to attain unauthenticated remote code execution with the highest privileges. The issues reside in TOS, an abbreviation for TerraMaster Operating System, and "can grant unauthenticated attackers access to the victim's box simply by knowing the IP

Firefox patches two in-the-wild exploits – update now!

Firefox just published a double-zero-day patch - "remote code execution" combined with "sandbox escape". Update now!
Tag Template - News Hub PRO

Recent articles

spot_img