New Google paper calls for increased transparency from vendors regarding their vulnerability management practices.
The post Google Proposes More Transparent Vulnerability Management Practices appeared first on SecurityWeek.
New Google paper calls for increased transparency from vendors regarding their vulnerability management practices.
The post Google Proposes More Transparent Vulnerability Management Practices appeared first on SecurityWeek.
Hikvision patches CVE-2023-28808, a critical authentication bypass vulnerability that exposes video data stored on its Hybrid SAN and cluster storage products.
The post Critical Vulnerability in Hikvision Storage Solutions Exposes Video Security Data appeared first on SecurityWeek.
A critical vulnerability in Fortinet’s FortiPresence data analytics solution leads to remote, unauthenticated access to Redis and MongoDB instances.
The post Fortinet Patches Critical Vulnerability in Data Analytics Solution appeared first on SecurityWeek.
A Windows zero-day tracked as CVE-2023-28252 and fixed by Microsoft with its April Patch Tuesday updates has been exploited in Nokoyawa ransomware attacks.
The post Windows Zero-Day Exploited in Nokoyawa Ransomware Attacks appeared first on SecurityWeek.
Two critical vulnerabilities in SAP Diagnostics Agent allow attackers to execute malicious commands on all monitored systems.
The post SAP Patches Critical Vulnerabilities in Diagnostics Agent, BusinessObjects appeared first on SecurityWeek.
ChatGPT creator OpenAI announced a new bug bounty program that will pay up to $20,000 for advance notice on security vulnerabilities found by hackers.
The post ChatGPT Creator OpenAI Ready to Pay Hackers for Security Flaws appeared first on SecurityWeek.
For the second month in a row, Microsoft patches an already-exploited vulnerability in its flagship Windows operating system.
The post Microsoft Patches Another Already-Exploited Windows Zero-Day appeared first on SecurityWeek.
Adobe documents 56 security defects in multiple products, some serious enough to expose Windows and macOS users to code execution attacks.
The post Adobe Plugs Gaping Security Holes in Reader, Acrobat appeared first on SecurityWeek.
Siemens and Schneider Electric’s Patch Tuesday advisories for April 2023 address a total of 38 vulnerabilities found in their products.
The post ICS Patch Tuesday: Siemens, Schneider Electric Address Dozens of Vulnerabilities appeared first on SecurityWeek.
Three days after announcing patches for new zero-days affecting iOS and macOS, Apple released fixes for devices running older operating system versions.
The post Apple Rolls Out Zero-Day Patches to Older iOS, macOS Devices appeared first on SecurityWeek.