Today is Microsoft’s October 2024 Patch Tuesday, which includes security updates for 118 flaws, including five publicly disclosed zero-days, two of which are actively exploited. […]
Windows 11 KB5044284 and KB5044285 cumulative updates released
Microsoft has released the KB5044284 and KB5044285 Windows 11 cumulative updates for versions 24H2 and 22H2/23H2 to fix security vulnerabilities and resolve 27 bugs and performance issues. […]
Adobe Patches Critical Bugs in Commerce and Magento Products
Adobe documents 25 vulnerabilities in Adobe Commerce and warns of code execution and privilege escalation exposure.
The post Adobe Patches Critical Bugs in Commerce and Magento Products appeared first on SecurityWeek.
Windows 10 KB5044273 update released with 9 fixes, security updates
Microsoft has released the KB5044273 cumulative update for Windows 10 22H2 and Windows 10 21H2, which includes nine changes and fixes, including a new Windows Update opt-in notification shown when you log in to the operating system. […]
Zero-Day Alert: Three Critical Ivanti CSA Vulnerabilities Actively Exploited
Ivanti has warned that three new security vulnerabilities impacting its Cloud Service Appliance (CSA) have come under active exploitation in the wild.
The zero-day flaws are being weaponized in conjunction with another flaw in CSA that the company patched last month, the Utah-based software services provider said.
Successful exploitation of these vulnerabilities could allow an authenticated
The zero-day flaws are being weaponized in conjunction with another flaw in CSA that the company patched last month, the Utah-based software services provider said.
Successful exploitation of these vulnerabilities could allow an authenticated
Gamers Tricked Into Downloading Lua-Based Malware via Fake Cheating Script Engines
Users searching for game cheats are being tricked into downloading a Lua-based malware that is capable of establishing persistence on infected systems and delivering additional payloads.
“These attacks capitalize on the popularity of Lua gaming engine supplements within the student gamer community,” Morphisec researcher Shmuel Uzan said in a new report published today, adding “this malware
“These attacks capitalize on the popularity of Lua gaming engine supplements within the student gamer community,” Morphisec researcher Shmuel Uzan said in a new report published today, adding “this malware
SecurityWeek to Host Zero Trust Strategies Summit as Virtual Event on October 9th
Online summit is laser focused on helping organizations to level up their Identity and Zero Trust security strategies.
The post SecurityWeek to Host Zero Trust Strategies Summit as Virtual Event on October 9th appeared first on SecurityWeek.
Ivanti warns of three more CSA zero-days exploited in attacks
American IT software company Ivanti has released security updates to fix three new Cloud Services Appliance (CSA) zero-days tagged as actively exploited in attacks. […]
European govt air-gapped systems breached using custom malware
An APT hacking group known as GoldenJackal has successfully breached air-gapped government systems in Europe using two custom toolsets to steal sensitive data, like emails, encryption keys, images, archives, and documents. […]
SAP Patches Critical Vulnerability in BusinessObjects
SAP has released 12 new and updated security notes on October 2024 patch day, including one that fixes a critical flaw in BusinessObjects.
The post SAP Patches Critical Vulnerability in BusinessObjects appeared first on SecurityWeek.