brangberg – Page 896

Ivanti Patches Critical Flaws in Connect Secure and Policy Secure – Update Now

Ivanti has released security updates to address multiple security flaws impacting Connect Secure (ICS), Policy Secure (IPS), and Cloud Services Application (CSA) that could be exploited to achieve arbitrary code execution.
The list of vulnerabilities is below –

CVE-2024-38657 (CVSS score: 9.1) – External control of a file name in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy

Cybercrime Threatens National Security, Google Threat Intel Team Says

On the eve of the Munich Security Conference, Google argues that the cybercriminal threat should be treated as a national security threat like state-backed hacking groups.

The post Cybercrime Threatens National Security, Google Threat Intel Team Says appeared first on SecurityWeek.

Microsoft Patches ‘Wormable’ Windows Flaw and File-Deleting Zero-Day

The Microsoft Patch Tuesday machine hummed loudly this month urgent fixes for a pair of already-exploited Windows zero-days.

The post Microsoft Patches ‘Wormable’ Windows Flaw and File-Deleting Zero-Day appeared first on SecurityWeek.

Windows 10 KB5051974 update force installs new Microsoft Outlook app

Microsoft has released the KB5051974 cumulative update for Windows 10 22H2 and Windows 10 21H2, which automatically installs the new Outlook for Windows app and fixes a memory leak bug. […]

Adobe Plugs 45 Software Security Holes, Warn of Code Execution Risks

Patch Tuesday: Adobe patches 45 vulnerabilities across multiple products and warn of remote code execution exploitation risks.

The post Adobe Plugs 45 Software Security Holes, Warn of Code Execution Risks appeared first on SecurityWeek.

Microsoft February 2025 Patch Tuesday fixes 4 zero-days, 55 flaws

Today is Microsoft’s February 2025 Patch Tuesday, which includes security updates for 55 flaws, including four zero-day vulnerabilities, with two actively exploited in attacks. […]

Fortinet warns of new zero-day exploited to hijack firewalls

Fortinet warned today that attackers are exploiting another authentication bypass zero-day bug in FortiOS and FortiProxy to hijack Fortinet firewalls and breach enterprise networks. […]

Windows 11 KB5051987 & KB5051989 cumulative updates released

Microsoft has released Windows 11 KB5051987 and KB5051989 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues. […]

Russian Cybercrime Network Targeted for Sanctions Across US, UK and Australia

Russia-based bulletproof hosting services provider Zservers was sanctioned for providing services to support LockBit ransomware operations.

The post Russian Cybercrime Network Targeted for Sanctions Across US, UK and Australia appeared first on SecurityWeek.

High-Severity OpenSSL Vulnerability Found by Apple Allows MitM Attacks

OpenSSL has patched CVE-2024-12797, a high-severity vulnerability found by Apple that can allow man-in-the-middle attacks.

The post High-Severity OpenSSL Vulnerability Found by Apple Allows MitM Attacks appeared first on SecurityWeek.

Author: brangberg