Vulnerability Archives - GBHackers - Latest Cyber Security News | Hacker News

Critical MikroTik RouterOS Flaw Exposes 900,000 Systems to Cyber Attacks

Eswar — Wed, 26 Jul 2023 11:03:39 +0000

MikroTik RouterOS were vulnerable to a privilege escalation vulnerability which was first disclosed in June 2022 at REcon. The vulnerability existed on the x86 Virtual Machines of RouterOS, where a root shell can be obtained. However, the new CVE for this vulnerability was assigned only in the middle of July 2023 when researchers at Vulncheck […]

The post Critical MikroTik RouterOS Flaw Exposes 900,000 Systems to Cyber Attacks appeared first on GBHackers - Latest Cyber Security News | Hacker News.

Zenbleed – AMD’s Zen2 Processor Flaw Allows Attackers to Steal Sensitive Data

Tushar Subhra Dutta — Tue, 25 Jul 2023 14:33:28 +0000

The CPUs that are based on x86-64 architecture feature XMM registers (128-bit), recently extended to 256-bit (YMM) and 512-bit (ZMM) for greater capacity. Beyond number crunching, the large registers (YMM and ZMM) are employed in various scenarios, including standard C library functions such as:- Tavis Ormandy, a Google security researcher, found a fresh AMD Zen2 […]

The post Zenbleed – AMD’s Zen2 Processor Flaw Allows Attackers to Steal Sensitive Data appeared first on GBHackers - Latest Cyber Security News | Hacker News.

15 More Vulnerabilities Added to 2023 CWE Top 25 Most Dangerous Software

Eswar — Tue, 25 Jul 2023 10:20:40 +0000

The CVE MITRE foundation has released the list of “On the Cusp” in which many of the CWEs (Common Weakness Enumerations) have increased as well as decreased in their rankings between 2022 and 2023. CVE releases the top 25 most dangerous software weaknesses which helps organizations to mitigate software security risks. However, exploitable vulnerabilities beyond […]

The post 15 More Vulnerabilities Added to 2023 CWE Top 25 Most Dangerous Software appeared first on GBHackers - Latest Cyber Security News | Hacker News.

Critical Zyxel Firewall Injection Flaw Exploited to Conduct DDoS Attacks

Sujatha — Mon, 24 Jul 2023 12:00:28 +0000

Increased botnet activity targeting vulnerability(CVE-2023-28771) in Zyxel devices has become a major concern to its users. This vulnerability lets the unauthorized attacker execute the arbitrary code by sending a specifically crafted packet to the targeted device. Since CISA added this vulnerability to the Known Exploited vulnerability, the surge of the attack has increased, and the […]

The post Critical Zyxel Firewall Injection Flaw Exploited to Conduct DDoS Attacks appeared first on GBHackers - Latest Cyber Security News | Hacker News.

Oracle Patches 32 Critical Flaws in MySQL, WebLogic Server, & VirtualBox VM

Eswar — Thu, 20 Jul 2023 14:32:14 +0000

Oracle has released a list of security patches for more than 130+ products. These products were used in several industries, including banking, communication, enterprise, development, and others. Oracle has released the severity rating and categorized them as critical, high, medium, and low based on their CVSS 3.1 score. Over 508 new security patches and CVE […]

The post Oracle Patches 32 Critical Flaws in MySQL, WebLogic Server, & VirtualBox VM appeared first on GBHackers - Latest Cyber Security News | Hacker News.

Jenkins Plugin Flaw Lets Attackers Gain Admin Access

Eswar — Thu, 13 Jul 2023 13:19:23 +0000

A recent security advisory from Jenkins reported that they had fixed 24 vulnerabilities affecting multiple Jenkins plugins. This Flaw includes 5 High, 18 Medium, and 1 Low severity vulnerabilities. Patches have been released for some of the affected plugins, while others are still under development. Affected Plugins and their Versions The list of affected Jenkins […]

The post Jenkins Plugin Flaw Lets Attackers Gain Admin Access appeared first on GBHackers - Latest Cyber Security News | Hacker News.

SonicWall Critical Flaws Let Attackers Bypass Authentication

Eswar — Thu, 13 Jul 2023 10:34:50 +0000

SonicWall has recently published a security notice in which 15 vulnerabilities were fixed. CVEs for these vulnerabilities have been published, and patches for 4 Critical, 4 High, and 7 Medium severity vulnerabilities have been patched as per the notice. These Vulnerabilities let attackers inject SQL queries and bypass authentication. Critical Severity Vulnerabilities CVE-2023-34134: Password Hash […]

The post SonicWall Critical Flaws Let Attackers Bypass Authentication appeared first on GBHackers - Latest Cyber Security News | Hacker News.

Citrix Secure Access Client Flaw Let Attackers Execute Remote Code

Eswar — Wed, 12 Jul 2023 14:43:30 +0000

Citrix has released security advisories for critical and high-severity vulnerabilities, which could allow threat actors to escalate their privileges if they have access to an endpoint with Standard user account permission. CVE-2023-24491: Citrix Desktop for Windows There is a security vulnerability in the Windows Citrix Desktop client that exists in versions lower than Citrix 23.5.1.3. […]

The post Citrix Secure Access Client Flaw Let Attackers Execute Remote Code appeared first on GBHackers - Latest Cyber Security News | Hacker News.

What is Vulnerability Assessment In Cybersecurity? – A Comprehensive Guide

Cyber Writes — Tue, 11 Jul 2023 08:49:15 +0000

One of the best methods for finding potential security gaps in your company’s cybersecurity design is a vulnerability assessment. You risk losing sensitive information to fraudsters who have been targeting charitable organizations more frequently since the epidemic hit if you don’t do vulnerability assessments regularly. It can have devastating effects down the road, like losing […]

The post What is Vulnerability Assessment In Cybersecurity? – A Comprehensive Guide appeared first on GBHackers - Latest Cyber Security News | Hacker News.

10 Best Free SSL Checker Tools 2023

Guru Baran — Sun, 09 Jul 2023 06:44:20 +0000

SSL Checker helps you in troubleshooting common SSL issues and SSL endpoint vulnerabilities. With the free SSL certificate checker tool, just you need to submit the domain name or IP address along with the port number to analyze the configuration and security of the website. These diagnostics tools help you in finding vulnerabilities in SSL […]

The post 10 Best Free SSL Checker Tools 2023 appeared first on GBHackers - Latest Cyber Security News | Hacker News.