Oracle releases 441 new security patches to address 230 vulnerabilities as part of its April 2024 Critical Patch Update.
The post Oracle Patches 230 Vulnerabilities With April 2024 CPU appeared first on SecurityWeek.
Delinea Scrambles to Patch Critical Flaw After Failed Responsible Disclosure Attempt
PAM company Delinea over the weekend rushed to patch a critical authentication bypass vulnerability after it apparently ignored the researcher who found the flaw.
The post Delinea Scrambles to Patch Critical Flaw After Failed Responsible Disclosure Attempt appeared first on SecurityWeek.
Palo Alto Networks Releases Fixes for Firewall Zero-Day as First Attribution Attempts Emerge
Palo Alto Networks has started releasing hotfixes for the firewall zero-day CVE-2024-3400, which some have linked to North Korea’s Lazarus.
The post Palo Alto Networks Releases Fixes for Firewall Zero-Day as First Attribution Attempts Emerge appeared first on SecurityWeek.
Palo Alto Networks Warns of Exploited Firewall Vulnerability
Palo Alto Networks warns of limited exploitation of a critical command injection vulnerability leading to code execution on firewalls.
The post Palo Alto Networks Warns of Exploited Firewall Vulnerability appeared first on SecurityWeek.
US Government on High Alert as Russian Hackers Steal Critical Correspondence From Microsoft
The US government says Midnight Blizzard’s compromise of Microsoft corporate email accounts “presents a grave and unacceptable risk to federal agencies.”
The post US Government on High Alert as Russian Hackers Steal Critical Correspondence From Microsoft appeared first on SecurityWeek.
Inside AWS’s Crusade Against IP Spoofing and DDoS Attacks
SecurityWeek speaks to Tom Scholl, VP and distinguished engineer at AWS, on how the organization tackles IP Spoofing and DDoS attacks.
The post Inside AWS’s Crusade Against IP Spoofing and DDoS Attacks appeared first on SecurityWeek.
Google Cloud Unveils New AI-Powered Security Capabilities
Google adds AI to cloud security features and announces other security capabilities for cloud customers.
The post Google Cloud Unveils New AI-Powered Security Capabilities appeared first on SecurityWeek.
Exploitation Attempts Target Unpatched Flaw Affecting Many D-Link NAS Devices
Unpatched D-Link NAS device vulnerability CVE-2024-3273, potentially affecting many devices, is being exploited in the wild.
The post Exploitation Attempts Target Unpatched Flaw Affecting Many D-Link NAS Devices appeared first on SecurityWeek.
Company Offering $30 Million for Android, iOS, Browser Zero-Day Exploits
Crowdfense has announced a $30 million exploit acquisition program covering Android, iOS, Chrome, and Safari zero-days.
The post Company Offering $30 Million for Android, iOS, Browser Zero-Day Exploits appeared first on SecurityWeek.
Browsing in Incognito Mode Doesn’t Protect You as Much as You Might Think
Incognito modes generally do not prevent the websites you visit from seeing your location, via your IP address, or stop your internet service provider from logging your activities.
The post Browsing in Incognito Mode Doesn’t Protect You as Much as You Might Think appeared first on SecurityWeek.
