Ivanti has released patches for multiple vulnerabilities in Endpoint Manager, Cloud Service Appliance, and Workspace Control.
The post Ivanti Patches Critical Vulnerabilities in Endpoint Manager appeared first on SecurityWeek.
Developers Beware: Lazarus Group Uses Fake Coding Tests to Spread Malware
Cybersecurity researchers have uncovered a new set of malicious Python packages that target software developers under the guise of coding assessments.
“The new samples were tracked to GitHub projects that have been linked to previous, targeted attacks in which developers are lured using fake job interviews,” ReversingLabs researcher Karlo Zanki said.
The activity has been assessed to be part of
“The new samples were tracked to GitHub projects that have been linked to previous, targeted attacks in which developers are lured using fake job interviews,” ReversingLabs researcher Karlo Zanki said.
The activity has been assessed to be part of
Data Breach at Golf Course Management Firm KemperSports Impacts 62,000
Golf course management company KemperSports has disclosed a cyberattack and data breach impacting over 62,000 individuals.
The post Data Breach at Golf Course Management Firm KemperSports Impacts 62,000 appeared first on SecurityWeek.
Chrome 128 Update Resolves High-Severity Vulnerabilities
Google has released a Chrome 128 security update to resolve high-severity memory safety vulnerabilities.
The post Chrome 128 Update Resolves High-Severity Vulnerabilities appeared first on SecurityWeek.
ICS Patch Tuesday: Advisories Published by Siemens, Schneider, ABB, CISA
Two dozen ICS Patch Tuesday advisories have been published by Siemens, Schneider Electric, CISA and ABB.
The post ICS Patch Tuesday: Advisories Published by Siemens, Schneider, ABB, CISA appeared first on SecurityWeek.
Microsoft Issues Patches for 79 Flaws, Including 3 Actively Exploited Windows Flaws
Microsoft on Tuesday disclosed that three new security flaws impacting the Windows platform have come under active exploitation as part of its Patch Tuesday update for September 2024.
The monthly security release addresses a total of 79 vulnerabilities, of which seven are rated Critical, 71 are rated Important, and one is rated Moderate in severity. This is aside from 26 flaws that the tech
The monthly security release addresses a total of 79 vulnerabilities, of which seven are rated Critical, 71 are rated Important, and one is rated Moderate in severity. This is aside from 26 flaws that the tech
Ivanti Releases Urgent Security Updates for Endpoint Manager Vulnerabilities
Ivanti has released software updates to address multiple security flaws impacting Endpoint Manager (EPM), including 10 critical vulnerabilities that could result in remote code execution.
A brief description of the issues is as follows –
A brief description of the issues is as follows –
CVE-2024-29847 (CVSS score: 10.0) – A deserialization of untrusted data vulnerability that allows a remote unauthenticated attacker to achieve code execution.
Microsoft fixes Windows Server performance issues from August updates
Microsoft says this month’s Patch Tuesday cumulative updates also fix a known issue causing Windows Server 2019 boot problems, freezes, and performance issues after installing the August 2024 security updates. […]
Ivanti fixes maximum severity RCE bug in Endpoint Management software
Ivanti has fixed a maximum severity vulnerability in its Endpoint Management software (EPM) that can let unauthenticated attackers gain remote code execution on the core server. […]
New PIXHELL acoustic attack leaks secrets from LCD screen noise
A novel acoustic attack named ‘PIXHELL’ can leak secrets from air-gapped and audio-gapped systems, and without requiring speakers, through the LCD monitors they connect to. […]