#patching

[ follow ]
ITPro
1 week ago
Information security

VMware discloses flaws in Workstation and Fusion Pro products after making them free for personal use

VMware disclosed critical vulnerabilities in its hypervisor solutions, urging immediate patching to prevent exploitation by unauthorized actors. [ more ]
TechRepublic
2 weeks ago
Information security

Report: Organisations Have Endpoint Security Tools But Are Still Falling Short on the Basics

Organizations struggle to maintain compliance with security policies on managed PCs, risking cybersecurity foundation [ more ]
#vulnerabilities
Theregister
4 weeks ago
Information security

Four critical bugs in ArubaOS lead to remote code execution

Network admins should patch critical vulnerabilities in ArubaOS immediately to avoid remote code execution by privilege escalation. [ more ]
ComputerWeekly.com
3 months ago
Privacy professionals

Black Basta, Bl00dy ransomware gangs exploiting ConnectWise vulns | Computer Weekly

Ransomware gangs exploit ConnectWise ScreenConnect vulnerabilities with high CVE scores.
Multiple threat actors using leaked build of LockBit target unpatched organizations. [ more ]
DevOps.com
4 months ago
Software development

Mobb Extends DevSecOps Reach of Tool to Generate Patches - DevOps.com

Mobb now provides instant patches for vulnerabilities during a DevSecOps workflow.
The Mobb platform combines AI and security research to automatically create patches for vulnerabilities. [ more ]
Dark Reading
6 months ago
Information security

Exploited Vulnerabilities Can Take Months to Make KEV List

CISA added known software flaws to its KEV catalog months after they were disclosed and exploited.
The delayed updates to the KEV catalog can hinder security teams' patching efforts and put organizations at risk.
The examples of Adobe, Juniper, and Veeam demonstrate the long lead time for vulnerabilities to be included in the KEV catalog. [ more ]
morevulnerabilities
Theregister
3 months ago
Information security

Exploiting critical ConnectWise bug is 'embarrassingly easy'

ConnectWise ScreenConnect vulnerability requires urgent patch due to its severity rating, including RCE and path traversal flaws.
Researchers quickly developed working exploits, emphasizing the ease and severity of the vulnerabilities. [ more ]
Theregister
3 months ago
Information security

Zoom stomps critical privilege escalation bug, 6 other flaws

Zoom has revealed a critical privilege escalation vulnerability in its products that could allow unauthenticated users to gain higher privileges.
The company has released updates to patch the vulnerability, along with other medium-severity issues. [ more ]
[ Load more ]