Ivanti warned customers on Tuesday about a new maximum-severity authentication bypass vulnerability in its Cloud Services Appliance (CSA) solution. […]
Adobe Patches Over 160 Vulnerabilities Across 16 Products
Adobe has patched over 160 vulnerabilities across over a dozen products, including Reader, Illustrator, Photoshop and Connect.
The post Adobe Patches Over 160 Vulnerabilities Across 16 Products appeared first on SecurityWeek.
Windows 10 KB5048652 update fixes new motherboard activation bug
Microsoft has released the KB5048652 cumulative update for Windows 10 22H2, which contains six fixes, including a fix that prevented Windows 10 from activating when you change a device’s motherboard. […]
Microsoft December 2024 Patch Tuesday fixes 1 exploited zero-day, 71 flaws
Today is Microsoft’s December 2024 Patch Tuesday, which includes security updates for 71 flaws, including one actively exploited zero-day vulnerability. […]
Windows 11 KB5048667 & KB5048685 cumulative updates released
Microsoft has released the Windows 11 KB5048667 and KB5048685 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues. […]
FTC distributes $72 million in Fortnite refunds from Epic Games
The Federal Trade Commission (FTC) is distributing over $72 million in Epic Game Fortnite refunds for the company’s use of dark patterns to trick players into making unwanted purchases. […]
US sanctions Chinese firm for hacking firewalls in ransomware attacks
The U.S. Treasury Department has sanctioned Sichuan Silence, a Chinese cybersecurity company, and one of its employees for their involvement in a series of Ragnarok ransomware attacks targeting U.S. critical infrastructure companies and many other victims worldwide in April 2020. […]
Wald.ai Raises $4M in Seed Funding to Protect Data in Conversations With AI Assistants
Wald.ai has raised $4 million in seed funding for a solution designed to ensure data protection when organizations use AI assistants.
The post Wald.ai Raises $4M in Seed Funding to Protect Data in Conversations With AI Assistants appeared first on SecurityWeek.
Cleo File Transfer Vulnerability Under Exploitation – Patch Pending, Mitigation Urged
Users of Cleo-managed file transfer software are being urged to ensure that their instances are not exposed to the internet following reports of mass exploitation of a vulnerability affecting fully patched systems.
Cybersecurity company Huntress said it discovered evidence of threat actors exploiting the issue en masse on December 3, 2024. The vulnerability, which impacts Cleo’s LexiCom,
Cybersecurity company Huntress said it discovered evidence of threat actors exploiting the issue en masse on December 3, 2024. The vulnerability, which impacts Cleo’s LexiCom,
New Cleo zero-day RCE flaw exploited in data theft attacks
Hackers are actively exploiting a zero-day vulnerability in Cleo managed file transfer software to breach corporate networks and conduct data theft attacks. […]