961 Results for:CVE

  • Sort by: 

Tetra radio users’ comms may have been exposed for years

By Alex Scroxton 25 Jul 2023

A number of flaws in the encryption algorithms used in the secure Tetra radio communications standard have potentially left users exposed to snooping Read More

June Patch Tuesday settles two Exchange Server bugs

By Tom Walat 14 Jun 2023

Microsoft's plans for upcoming security hardening in Kerberos and Netlogon protocols will have admins busy with testing over the next several weeks. Read More

Ivanti EPMM zero-day vulnerability exploited in wild

By Alexander Culafi 25 Jul 2023

A zero-day authentication bypass vulnerability in Ivanti Endpoint Manager Mobile was exploited in a cyber attack against a Norwegian government agency. Read More

Cisco patches zero-day vulnerability under attack

By Arielle Waldman 28 Sep 2023

Cisco said its Advanced Security Initiatives Group discovered the zero-day flaw while investigating attempted attacks on the vendor's Group Encrypted Transport VPN feature. Read More

Apple patches Blastpass exploit abused by spyware makers

By Alex Scroxton 08 Sep 2023

Apple has patched two vulnerabilities that formed an exploit chain which has been allegedly abused by spyware company NSO Read More

DHS funding breathes fresh life into SBOMs

By Beth Pariseau 17 Apr 2024

Protobom, now an OpenSSF sandbox project, is the first of multiple software supply chain security efforts funded under the Silicon Valley Innovation Program. Read More

No zero-days for June Patch Tuesday, but plenty to chew over

By Alex Scroxton 14 Jun 2023

On the face of it, Microsoft’s monthly round of updates is a lighter-than-usual load for security teams, with no zero-days in evidence, but there are still plenty of issues needing attention Read More

Ivanti MDM users told to patch against two dangerous flaws

By Alex Scroxton 02 Aug 2023

Users of Ivanti’s mobile device management platform have been warned to act now to patch two vulnerabilities that were chained by a threat actor in a series of cyber attacks on the Norwegian government Read More

Endor Labs: The value of (zooming into) call graphs

By Adrian Bridgwater 20 Oct 2023

This is a guest post for the Computer Weekly Developer Network written by Henrik Plate in his capacity as a security researcher at Endor Labs - a company known for its approach to ‘reachability ... Read More

Flashpoint observes 84% surge in ransomware attacks in 2023

By Arielle Waldman 27 Mar 2024

The threat intelligence vendor anticipates that enterprises will continue to face increases in ransomware activity and data breaches in 2024, with some silver linings ahead. Read More