Ivanti EPM Vulnerability Exploited in the Wild

/in

An Ivanti EPM SQL injection vulnerability tracked as CVE-2024-29824 has been exploited to target some of the company’s customers.

The post Ivanti EPM Vulnerability Exploited in the Wild appeared first on SecurityWeek.

SecurityWeek – ​Read More

Cisco Patches Critical Vulnerability in Data Center Management Product

/in

A critical-severity vulnerability in Cisco NDFC could allow attackers to execute commands with elevated privileges.

The post Cisco Patches Critical Vulnerability in Data Center Management Product appeared first on SecurityWeek.

SecurityWeek – ​Read More

Court Data Exposed by Vulnerabilities in Software Used by US Government: Researcher

/in

Several e-filing and record management systems used in various US states were affected by serious vulnerabilities exposing sensitive data.

The post Court Data Exposed by Vulnerabilities in Software Used by US Government: Researcher appeared first on SecurityWeek.

SecurityWeek – ​Read More

Adobe Commerce Flaw Exploited to Compromise Thousands of Sites

/in

Over 4,000 Adobe Commerce and Magento stores unpatched against an exploited vulnerability have been compromised.

The post Adobe Commerce Flaw Exploited to Compromise Thousands of Sites appeared first on SecurityWeek.

SecurityWeek – ​Read More

License Plate Readers Are Creating a US-Wide Database of Political Lawn Signs and Bumper Stickers

/in

From Trump campaign signs to Planned Parenthood bumper stickers, license plate readers around the US are creating searchable databases that reveal Americans’ political leanings and more.

Security Latest – ​Read More

Cybersecurity Head Says There’s No Chance a Foreign Adversary Can Change US Election Results

/in

CISA director Jen Easterly says there is no chance a foreign adversary can change the results of the upcoming US election.

The post Cybersecurity Head Says There’s No Chance a Foreign Adversary Can Change US Election Results appeared first on SecurityWeek.

SecurityWeek – ​Read More

Chrome, Firefox Updates Patch High-Severity Vulnerabilities

/in

The latest Chrome and Firefox security updates address multiple high-severity vulnerabilities affecting the popular web browsers.

The post Chrome, Firefox Updates Patch High-Severity Vulnerabilities appeared first on SecurityWeek.

SecurityWeek – ​Read More

New Vulnerabilities Expose Hundreds of Thousands of DrayTek Routers to Hacking

/in

Forescout has identified more than a dozen new vulnerabilities in DrayTek routers, exposing hundreds of thousands of devices to attacks. 

The post New Vulnerabilities Expose Hundreds of Thousands of DrayTek Routers to Hacking appeared first on SecurityWeek.

SecurityWeek – ​Read More

Meta faces consequences for storing millions of passwords in plaintext

/in

Meta has been fined $101 million by Ireland’s Data Protection Commission for storing hundreds of millions of user passwords in plaintext. We don’t really need to point the obvious, that storing passwords in plaintext is major violation of security best practices. Disclosed by Meta in 2019, it was then revealed that passwords for various Meta-owned platforms were logged in plaintext and stored…

Source

TechSplicer – ​Read More

LockBit Ransomware and Evil Corp Leaders Arrested and Sanctioned in Joint Global Effort

/in

A new wave of international law enforcement actions has led to four arrests and the takedown of nine servers linked to the LockBit (aka Bitwise Spider) ransomware operation, marking the latest salvo against what was once a prolific financially motivated group.
This includes the arrest of a suspected LockBit developer in France while on holiday outside of Russia, two individuals in the U.K. who

The Hacker News – ​Read More