• Cybersecurity News

Google has released a new stable version of its Chrome browser for desktop, addressing three security vulnerabilities, including one high-severity flaw. The update, versions 131.0.6778.85/.86 for Wind ... Read more

• Cybersecurity News

Researchers at Rapid7 have uncovered a fresh campaign using LodaRAT, a well-known remote access tool (RAT) that has been active since 2016. Initially developed for information gathering, LodaRAT has b ... Read more

• BleepingComputer

A recently disclosed Microsoft SharePoint remote code execution (RCE) vulnerability tracked as CVE-2024-38094 is being exploited to gain initial access to corporate networks. CVE-2024-38094 is a high- ... Read more

• TheCyberThrone

Threat actors have exploited a vulnerability in Microsoft SharePoint Server, identified as CVE-2024-38094, allowing them to gain complete domain access and compromise critical systems. The Rapid7 inci ... Read more

• Cybersecurity News

Image: Rapid7A recent report from Rapid7’s Incident Response team reveals a serious compromise of a Microsoft SharePoint server that enabled an attacker to gain entire domain access, impacting critica ... Read more

• The Hacker News

Hardware Security / Vulnerability More than six years after the Spectre security flaw impacting modern CPU processors came to light, new research has found that the latest AMD and Intel processors are ... Read more

• The Hacker News

A new attack technique could be used to bypass Microsoft's Driver Signature Enforcement (DSE) on fully patched Windows systems, leading to operating system (OS) downgrade attacks. "This bypass allows ... Read more

• Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Fortinet releases patches for publicly undisclosed critical FortiManager vulnerability In the last cou ... Read more

• Help Net Security

Threat actors have been leveraging zero and n-day vulnerabilities in Cisco security appliances (CVE-2024-20481), Microsoft Sharepoint (CVE-2024-38094), and Google’s Chrome browser (CVE-2024-4947). CVE ... Read more

• The Hacker News

Vulnerability / Network Security Cisco on Wednesday said it has released updates to address an actively exploited security flaw in its Adaptive Security Appliance (ASA) that could lead to a denial-of- ... Read more

• The Hacker News

The North Korean threat actor known as Lazarus Group has been attributed to the zero-day exploitation of a now-patched security flaw in Google Chrome to seize control of infected devices. Cybersecurit ... Read more

• Dark Reading

Source: Ascannio via Alamy Stock PhotoA high-severity flaw in Microsoft SharePoint, tracked as CVE-2024-38094, is under active exploit.The bug is a deserialization vulnerability, which is often used a ... Read more

• The Register

A Microsoft SharePoint bug that can allow an attacker to remotely inject code into vulnerable versions is under active exploitation, according to the US Cybersecurity and Infrastructure Security Agenc ... Read more

• The Hacker News

Vulnerability / Threat Intelligence A high-severity flaw impacting Microsoft SharePoint has been added to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cybersecurity and Infrastructure ... Read more

• security.nl

Aanvallers maken actief misbruik van een kwetsbaarheid in Microsoft SharePoint waardoor remote code execution (RCE) mogelijk is, zo laat het Cybersecurity and Infrastructure Security Agency (CISA) van ... Read more

• tripwire.com

Tripwire's July 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft.First on the list are patches for Microsoft Office and Outlook that resolve remote code executio ... Read more