Exploited: Cisco, SharePoint, Chrome vulnerabilities
Threat actors have been leveraging zero and n-day vulnerabilities in Cisco security appliances (CVE-2024-20481), Microsoft Sharepoint (CVE-2024-38094), and Google’s Chrome browser (CVE-2024-4947). CVE-2024-20481 (Cisco ASA/FTD) In the past few.....»»
New infosec products of the week: February 9, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Cisco, Metomic, OPSWAT, Qualys, and Varonis. Varonis MDDR helps organizations prevent data breaches Varonis introduced Varonis Managed Data Detection and Res.....»»
February 2024 Patch Tuesday forecast: Zero days are back and a new server too
January 2024 Patch Tuesday is behind us. A relatively light release from Microsoft with 39 CVEs addressed in Windows 10, 35 in Windows 11, and surprisingly no zero-day vulnerabilities from Microsoft to start the new year. January’s release was a bi.....»»
Chrome for desktop will be getting an Android-like feature
Google Chrome for desktop will soon be getting an update that will introduce an Android-like media player to the browser. The post Chrome for desktop will be getting an Android-like feature appeared first on Phandroid. There is a reason wh.....»»
Ivanti Connect Secure flaw massively exploited by attackers (CVE-2024-21893)
CVE-2024-21893, a server-side request forgery (SSRF) vulnerability affecting Ivanti Connect Secure VPN gateways and Policy Secure (a network access control solution), is being exploited by attackers. About CVE-2024-21893 CVE-2024-21893 allows a attac.....»»
Cisco brings Webex collaboration to spatial computing with Apple Vision Pro
Cisco is delivering the cutting edge goods for Apple users this month. Last week the company shipped Webex for Apple TV 4K. That lets you turn your TV into a conference call display with up to 25 participants simultaneously. Now Cisco is shipping Web.....»»
Adaptiva launches risk-based prioritization capability for OneSite Patch
Adaptiva announced the deployment of its new risk-based prioritization capability for OneSite Patch. The automated risk-based prioritization feature enables IT professionals to prioritize and patch vulnerabilities based on criticality and risk severi.....»»
Cisco Motific reduces GenAI security, trust, and compliance risks
Cisco announced Motific, Cisco’s SaaS product that allows for trustworthy GenAI deployments in organizations. Born from Outshift, Cisco’s incubation business, Motific provides a central view across the entire GenAI journey, empowering cen.....»»
As if 2 Ivanti vulnerabilities under exploit weren’t bad enough, now there are 3
Hackers looking to diversify began mass-exploiting a new vulnerability over the weekend. Enlarge (credit: Getty Images) Mass exploitation began over the weekend for yet another critical vulnerability in widely used VPN s.....»»
Cisco introduces new integrations across networking and security portfolios
Cisco introduced new capabilities and technologies across its networking portfolio that are designed to drive a more unified and integrated approach to managing and securing customer networks. IT organizations are looking to their technology provider.....»»
As if two Ivanti vulnerabilities under exploit weren’t bad enough, now there are 3
Hackers looking to diversify, began mass exploiting a new vulnerability over the weekend. Enlarge (credit: Getty Images) Mass exploitation began over the weekend for yet another critical vulnerability in widely used VPN.....»»
As if two Ivanti vulnerabilities under explot wasn’t bad enough, now there are 3
Hackers looking to diversify, began mass exploiting a new vulnerability over the weekend. Enlarge (credit: Getty Images) Mass exploitation began over the weekend for yet another critical vulnerability in widely used VPN.....»»
Businesses banning or limiting use of GenAI over privacy risks
Privacy is much more than a regulatory compliance matter. Findings from a new Cisco study highlight the growing Privacy concerns with GenAI, trust challenges facing organizations over their use of AI, and the attractive returns from privacy investmen.....»»
Week in review: Windows Event Log zero-day, exploited critical Jenkins RCE flaw
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Prioritizing cybercrime intelligence for effective decision-making in cybersecurity In this Help Net Security interview, Alon Gal, CTO at Hudson Roc.....»»
The 23 best Google Chrome themes in 2024
If you want to add a bit of panache or a splash of color, check out a few of the best Chrome themes, which range from dark mode to puppies to pretty landscapes......»»
Chrome boss says Apple’s new iPhone browser engine approach stifles ‘real choice’
In response to the Digital Markets Act (DMA), Apple announced last week that it would allow “alternative” browser engines on the iPhone in Europe. Google’s head of Chrome today shared their thoughts on the upcoming iPhone browser engine change......»»
FritzFrog botnet exploits Log4Shell, PwnKit vulnerabilities
The FritzFrog cryptomining botnet has new potential for growth: a recently analyzed variant of the bot is exploiting the Log4Shell (CVE-2021-44228) and PwnKit (CVE-2021-4034) vulnerabilities for lateral movement and privilege escalation. The FritzFro.....»»
CVEMap: Open-source tool to query, browse and search CVEs
CVEMap is an open-source command-line interface (CLI) tool that allows you to explore Common Vulnerabilities and Exposures (CVEs). It’s designed to offer a streamlined and user-friendly interface for navigating vulnerability databases. Although.....»»
Microsoft Edge is apparently usurping Chrome on people’s PCs
An apparent bug that plays into criticisms of how Microsoft pushes Edge. Enlarge (credit: Aurich Lawson | Getty Images) If you run the Chrome browser in Windows 10 or 11 and you've suddenly discovered that you're running.....»»
Looks like We’re Finally Getting Google Chrome for Windows on Arm
This comes as a surprise as Google didn't previously mention upcoming support for Windows on Arm. The post Looks like We’re Finally Getting Google Chrome for Windows on Arm appeared first on Phandroid. Users looking for a fully-comp.....»»
Browsers like Chrome and Firefox can abandon WebKit in EU with iOS 17.4
EU regulations in the Digital Markets Act have forced Apple to allow full versions of third-party browsers on iPhone, and Apple isn't happy.Alternate browser choicesSafari runs on Apple's WebKit engine, and other browsers on iPhone have been required.....»»