The vulnerability, tagged as CVE-2024-41110 with a CVSS severity score of 10/10, was originally found and fixed in 2018.
The post Docker Patches Critical AuthZ Plugin Bypass Vulnerability Dating Back to 2018 appeared first on SecurityWeek.
Category Added in a WPeMatico Campaign
Zest Security Aims to Resolve, Not Just Mitigate Cloud Risks
Zest Security emerged from stealth with $5 million funding and an AI-powered platform that resolves the root source of risk in the cloud.
The post Zest Security Aims to Resolve, Not Just Mitigate Cloud Risks appeared first on SecurityWeek.
Dazz Scores Hefty $50M Investment for AI-Powered Risk Remediation Tech
The new financing brings the total raised by Dazz to $110 million as investors double down on bets in the cloud security remediation space.
The post Dazz Scores Hefty $50M Investment for AI-Powered Risk Remediation Tech appeared first on SecurityWeek.
Is GhostEmperor Back? Sygnia Finds Clues in Recent Cyber Incident
Sygnia discovered what it believes to be a variant of the GhostEmperor infection chain leading to the Demodex rootkit – which was first seen and described in 2021.
The post Is GhostEmperor Back? Sygnia Finds Clues in Recent Cyber Incident appeared first on SecurityWeek.
Organizations Warned of Exploited Twilio Authy Vulnerability
CISA warns of the in-the-wild exploitation of CVE-2024-39891, a Twilio Authy bug leading to the disclosure of phone number data.
The post Organizations Warned of Exploited Twilio Authy Vulnerability appeared first on SecurityWeek.
57,000 Patients Impacted by Michigan Medicine Data Breach
Michigan Medicine is notifying roughly 57,000 individuals of a data breach impacting their personal and health information.
The post 57,000 Patients Impacted by Michigan Medicine Data Breach appeared first on SecurityWeek.
Siemens Patches Power Grid Product Flaw Allowing Backdoor Deployment
Siemens has released out-of-band updates to patch two potentially serious vulnerabilities in products used in energy supply.
The post Siemens Patches Power Grid Product Flaw Allowing Backdoor Deployment appeared first on SecurityWeek.
Verizon Subsidiary Settles With FCC for $16M Over Three Data Breaches
Verizon subsidiary TracFone Wireless settles for $16 million with the FCC over three old data breaches.
The post Verizon Subsidiary Settles With FCC for $16M Over Three Data Breaches appeared first on SecurityWeek.
Vanta Raises $150 Million at $2.45 Billion Valuation
Vanta has raised $150 million in a Series C funding round and it plans on using the money to fuel expansion and AI innovation.
The post Vanta Raises $150 Million at $2.45 Billion Valuation appeared first on SecurityWeek.
Chrome 127 Patches 24 Vulnerabilities
Chrome 127 was promoted to the stable channel with patches for 24 vulnerabilities, including 16 reported externally.
The post Chrome 127 Patches 24 Vulnerabilities appeared first on SecurityWeek.