Chrome 133 and Firefox 135 were released with patches for multiple high-severity memory safety vulnerabilities.
The post Chrome 133, Firefox 135 Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
Webinar Today: Defenders on the Frontline – Incident Response and Threat Intel Under the Microscope
Join this panel of CISOs and threat-intel professionals for a deep-dive on aligning incident response and threat intelligence with broader business objectives.
The post Webinar Today: Defenders on the Frontline – Incident Response and Threat Intel Under the Microscope appeared first on SecurityWeek.
Navigating the Future: Key IT Vulnerability Management Trends
As the cybersecurity landscape continues to evolve, proactive vulnerability management has become a critical priority for managed service providers (MSPs) and IT teams. Recent trends indicate that organizations increasingly prioritize more frequent IT security vulnerability assessments to identify and address potential security flaws.
Staying informed on these trends can help MSPs and IT teams
Staying informed on these trends can help MSPs and IT teams
CISA Issues Exploitation Warning for .NET Vulnerability
CISA has added CVE-2024-29059, a flaw affecting Microsoft .NET, to its Known Exploited Vulnerabilities catalog.
The post CISA Issues Exploitation Warning for .NET Vulnerability appeared first on SecurityWeek.
Zyxel Issues ‘No Patch’ Warning for Exploited Zero-Days
Multiple Zyxel legacy DSL CPE products are affected by exploited zero-day vulnerabilities that will not be patched.
The post Zyxel Issues ‘No Patch’ Warning for Exploited Zero-Days appeared first on SecurityWeek.
AsyncRAT Campaign Uses Python Payloads and TryCloudflare Tunnels for Stealth Attacks
A malware campaign has been observed delivering a remote access trojan (RAT) named AsyncRAT by making use of Python payloads and TryCloudflare tunnels.
“AsyncRAT is a remote access trojan (RAT) that exploits the async/await pattern for efficient, asynchronous communication,” Forcepoint X-Labs researcher Jyotika Singh said in an analysis.
“It allows attackers to control infected systems
“AsyncRAT is a remote access trojan (RAT) that exploits the async/await pattern for efficient, asynchronous communication,” Forcepoint X-Labs researcher Jyotika Singh said in an analysis.
“It allows attackers to control infected systems
CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog, Urges Fixes by Feb 25
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.
The list of vulnerabilities is as follows –
The list of vulnerabilities is as follows –
CVE-2024-45195 (CVSS score: 7.5/9.8) – A forced browsing vulnerability in Apache OFBiz that allows a remote attacker to obtain unauthorized
Zyxel won’t patch newly exploited flaws in end-of-life routers
Zyxel has issued a security advisory about actively exploited flaws in CPE Series devices, warning that it has no plans to issue fixing patches and urging users to move to actively supported models. […]
Sophos Completes Acquisition of Secureworks
Sophos has completed its $859 million all-cash acquisition of SecureWorks.
The post Sophos Completes Acquisition of Secureworks appeared first on SecurityWeek.
Google Play, Apple App Store apps caught stealing crypto wallets
A new campaign dubbed ‘SparkCat’ has been uncovered, targeting the cryptocurrency wallet recovery phrases of Android and iOS users using optical character recognition (OCR) stealers. […]