by do son · Published November 20, 2024
As the e-commerce market continues to grow, so does the allure of online shopping. However, the rising tide of Black Friday deals has also attracted a wave of cybercriminal activity,...
by do son · Published November 20, 2024
Qualys Threat Research Unit uncovers five local privilege escalation flaws, enabling unprivileged users to gain root access. The Qualys Threat Research Unit (TRU) has disclosed five critical vulnerabilities in the...
by do son · Published November 20, 2024
A recently discovered vulnerability in the Trend Micro Deep Security 20 Agent could have allowed attackers to execute arbitrary code on affected machines. The vulnerability, identified as CVE-2024-51503, has been...
The cybersecurity employment market is at a record-high level, and it is only going to get bigger as threats keep on escalating. But it turns into a fierce battlefield where...
by do son · Published November 19, 2024
In a recent analysis, security researcher Sonny from watchTowr unveiled the technical intricacies of two zero-day vulnerabilities affecting Palo Alto Networks’ Next-Generation Firewalls (NGFW). Tracked as CVE-2024-0012 and CVE-2024-9474, these...
by do son · Published November 19, 2024
Atlassian has issued a security advisory warning of a critical remote code execution (RCE) vulnerability in its popular Sourcetree software for Mac and Windows. Tracked as CVE-2024-21697 and scoring an...
by do son · Published November 19, 2024
Google has released a new stable version of its Chrome browser for desktop, addressing three security vulnerabilities, including one high-severity flaw. The update, versions 131.0.6778.85/.86 for Windows and Mac and...
by do son · Published November 19, 2024
Oracle has issued an urgent security alert regarding a critical vulnerability in its Agile Product Lifecycle Management (PLM) software, tracked as CVE-2024-21287. This flaw allows attackers to remotely access sensitive...
by do son · Published November 19, 2024
In a detailed analysis, TRAC Labs has exposed a phishing campaign named Gabagool that targets corporate and government employees. The campaign leverages the trusted reputation of Cloudflare’s R2 storage service...
by do son · Published November 19, 2024
CVE-2024-47533 exposes Cobbler servers to unauthorized access and control, enabling attackers to manipulate system configurations. A critical vulnerability has been discovered in Cobbler, a popular Linux installation server used for...
by do son · Published November 19, 2024
Sekoia’s Threat Detection & Research (TDR) team uncovers a Linux variant of the Helldown ransomware, expanding the threat landscape. The Helldown ransomware group, previously known for targeting Windows systems, has...
Bitdefender Labs uncovers a sophisticated malvertising campaign spreading malware disguised as a Bitwarden security update. A new malvertising campaign exploits Facebook’s advertising platform to target Bitwarden users. The campaign uses...
by do son · Published November 19, 2024
A newly discovered vulnerability in the popular Wget download utility could allow attackers to launch server-side request forgery (SSRF) attacks. Security researcher Goni Golan from JFrog has identified a vulnerability...
In a detailed report, Proofpoint researchers have unveiled the alarming rise of a unique social engineering method dubbed ClickFix, which exploits human behavior to spread malware through self-inflicted compromises. Initially...
by do son · Published November 19, 2024
The Apache Software Foundation has released important security updates to address two critical vulnerabilities in Apache OFBiz, a popular open-source suite of business applications. These vulnerabilities, identified as CVE-2024-47208 and...
Support Securityonline.info site. Thanks!
