Search cyberveille.decio.ch

Found 16 bookmarks

Custom sorting

ESET Vulnerability Exploited for Stealthy Malware Execution - SecurityWeek

A vulnerability impacting multiple ESET products has been exploited by an APT group to load malicious DLL libraries and silently deploy malware, Kaspersky reports. The issue, tracked as CVE-2024-11859, is described as a DLL search order hijacking flaw that could be exploited by attackers with administrative privileges for arbitrary code execution.

#securityweek #EN #2025 #ESET #Kaspersky #Vulnerability #CVE-2024-11859 #DLL

·securityweek.com·yesterday at 8:49 AM

ESET Vulnerability Exploited for Stealthy Malware Execution - SecurityWeek

VMware Patches Remote Code Execution Flaw Found in Chinese Hacking Contest

VMware warned that an attacker with network access could send a specially crafted packet to execute remote code. CVSS severity score 9.8/10.

#securityweek #EN #2024 #CVE-2024-38812 #CVE-2024-38813 #VMware #RCE #vulnerability

·securityweek.com·Sep 17, 2024

VMware Patches Remote Code Execution Flaw Found in Chinese Hacking Contest

Recent SonicWall Firewall Vulnerability Potentially Exploited in the Wild

SonicWall is warning customers that the recently patched critical vulnerability CVE-2024-40766 may be exploited in the wild.

#securityweek #EN #2024 #Vulnerability #CVE-2024-40766 #exploited

·securityweek.com·Sep 6, 2024

Recent SonicWall Firewall Vulnerability Potentially Exploited in the Wild

Microsoft Copilot Studio Vulnerability Led to Information Disclosure

A vulnerability in Microsoft Copilot Studio could be exploited to access sensitive information on the internal infrastructure used by the service, Tenable reports. The flaw, tracked as CVE-2024-38206 (CVSS score of 8.5) and described as a ‘critical’ information disclosure bug, has been fully mitigated, Microsoft said in an August 6 advisory.

#securityweek #EN #2024 #Microsoft #Copilot #Studio #Vulnerability #information #disclosure #bug #CVE-2024-38206

·securityweek.com·Aug 24, 2024

Microsoft Copilot Studio Vulnerability Led to Information Disclosure

NIST Getting Outside Help for National Vulnerability Database

NIST announced on Wednesday that it will be receiving outside help to get the National Vulnerability Database (NVD) back on track within the next few months. The organization informed the cybersecurity community in February that it should expect delays in the analysis of Common Vulnerabilities and Exposures (CVE) identifiers in the NVD, saying that it was working to establish a consortium to improve the program.

#securityweek #EN #2024 #NIST #CVE #National #Vulnerability #Database #NVD

·securityweek.com·Jun 1, 2024

NIST Getting Outside Help for National Vulnerability Database

Security Flaw in WP-Members Plugin Leads to Script Injection

Attackers could exploit a high-severity cross-site Scripting (XSS) vulnerability in the WP-Members Membership WordPress plugin to inject arbitrary scripts into web pages, according to an advisory from security firm Defiant.

#securityweek #EN #2024 #plugin #WP #Wordpress #WP-Members #Injection #vulnerability

·securityweek.com·Apr 4, 2024

Security Flaw in WP-Members Plugin Leads to Script Injection

WordPress Plugin Vulnerability Exposed Ferrari Website to Hackers

A vulnerability in a WordPress plugin exposed the official website of sports car maker Ferrari to hacker attacks.

#securityweek #EN #2023 #WordPress #Ferrari #vulnerability

·securityweek.com·May 15, 2023

WordPress Plugin Vulnerability Exposed Ferrari Website to Hackers

VMware Patches Critical Vulnerability Disclosed at Pwn2Own Hacking Contest

VMware this week released patches for a critical vulnerability disclosed at the Pwn2Own Vancouver 2023 hacking contest.

#securityweek #EN #2023 #VMware #critical #vulnerability #Pwn2Own #CVE-2023-20869

·securityweek.com·Apr 26, 2023

VMware Patches Critical Vulnerability Disclosed at Pwn2Own Hacking Contest

Zoom Patches High Risk Flaws on Windows, MacOS Platforms

Video messaging giant Zoom has released patches for multiple security vulnerabilities that expose both Windows and macOS users to malicious hacker attacks.

#securityweek #EN #2023 #CVE-2022-36930 #CVE-2022-36929 #CVE-2022-36927 #patch-tuesday #zoom #zoom-rooms #windows #macos #video-conferencing #video-messaging #privilege-escalation #vulnerability

·securityweek.com·Jan 11, 2023

Zoom Patches High Risk Flaws on Windows, MacOS Platforms

Realtek SDK Vulnerability Exposes Routers From Many Vendors to Remote Attacks

A serious vulnerability affecting the eCos SDK made by Taiwanese semiconductor company Realtek could expose the networking devices of many vendors to remote attacks.

#securityweek #EN #2022 #SDK #remote #attack #vulnerability #Rrealtek #CVE-2022-27255

·securityweek.com·Aug 13, 2022

Realtek SDK Vulnerability Exposes Routers From Many Vendors to Remote Attacks

Zimbra Credential Theft Vulnerability Exploited in Attacks

CISA has urged organizations to patch a recent Zimbra credential theft vulnerability after reports of exploitation in the wild.

#securityweek #EN #Zimbra #vulnerability #CVE-2022-27924 #credential-theft #exploited #CISA #email

·securityweek.com·Aug 8, 2022

Zimbra Credential Theft Vulnerability Exploited in Attacks

Zoom Patches High Risk Flaws on Windows, MacOS Platforms

Video messaging giant Zoom has released patches for multiple security vulnerabilities that expose both Windows and macOS users to malicious hacker attacks.

#securityweek #EN #2023 #CVE-2022-36930 #CVE-2022-36929 #CVE-2022-36927 #patch-tuesday #zoom #zoom-rooms #windows #macos #video-conferencing #video-messaging #privilege-escalation #vulnerability

·securityweek.com·Jan 11, 2023

Zoom Patches High Risk Flaws on Windows, MacOS Platforms

Realtek SDK Vulnerability Exposes Routers From Many Vendors to Remote Attacks

A serious vulnerability affecting the eCos SDK made by Taiwanese semiconductor company Realtek could expose the networking devices of many vendors to remote attacks.

#securityweek #EN #2022 #SDK #remote #attack #vulnerability #Rrealtek #CVE-2022-27255

·securityweek.com·Aug 13, 2022

Realtek SDK Vulnerability Exposes Routers From Many Vendors to Remote Attacks

Zimbra Credential Theft Vulnerability Exploited in Attacks

CISA has urged organizations to patch a recent Zimbra credential theft vulnerability after reports of exploitation in the wild.

#securityweek #EN #Zimbra #vulnerability #CVE-2022-27924 #credential-theft #exploited #CISA #email

·securityweek.com·Aug 8, 2022

Zimbra Credential Theft Vulnerability Exploited in Attacks

Realtek SDK Vulnerability Exposes Routers From Many Vendors to Remote Attacks

A serious vulnerability affecting the eCos SDK made by Taiwanese semiconductor company Realtek could expose the networking devices of many vendors to remote attacks.

#securityweek #EN #2022 #SDK #remote #attack #vulnerability #Rrealtek #CVE-2022-27255

·securityweek.com·Aug 13, 2022

Realtek SDK Vulnerability Exposes Routers From Many Vendors to Remote Attacks

Zimbra Credential Theft Vulnerability Exploited in Attacks

CISA has urged organizations to patch a recent Zimbra credential theft vulnerability after reports of exploitation in the wild.

#securityweek #EN #Zimbra #vulnerability #CVE-2022-27924 #credential-theft #exploited #CISA #email

·securityweek.com·Aug 8, 2022

Zimbra Credential Theft Vulnerability Exploited in Attacks