Tag: severity
-
Hacker News: Researchers have identified a total of 6 vulnerabilities in rsync
Source URL: https://www.openwall.com/lists/oss-security/2025/01/14/3 Source: Hacker News Title: Researchers have identified a total of 6 vulnerabilities in rsync Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses multiple vulnerabilities identified in the rsync software, including a critical heap buffer overflow that allows arbitrary code execution with minimal access rights. This communication is especially…
-
Krebs on Security: Microsoft: Happy 2025. Here’s 161 Security Updates
Source URL: https://krebsonsecurity.com/2025/01/microsoft-happy-2025-heres-161-security-updates/ Source: Krebs on Security Title: Microsoft: Happy 2025. Here’s 161 Security Updates Feedly Summary: Microsoft today unleashed updates to plug a whopping 161 security vulnerabilities in Windows and related software, including three “zero-day" weaknesses that are already under active attack. Redmond’s inaugural Patch Tuesday of 2025 bundles more fixes than the company…
-
Slashdot: UK Plans To Ban Public Sector Organizations From Paying Ransomware Hackers
Source URL: https://news.slashdot.org/story/25/01/14/160241/uk-plans-to-ban-public-sector-organizations-from-paying-ransomware-hackers?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: UK Plans To Ban Public Sector Organizations From Paying Ransomware Hackers Feedly Summary: AI Summary and Description: Yes Summary: The U.K. government is considering a targeted ban on ransomware payments for public sector entities in response to rising cyberattacks. This proposal aims to disrupt the financial incentives that fuel…
-
The Register: UK floats ransomware payout ban for public sector
Source URL: https://www.theregister.com/2025/01/14/uk_ransomware_payout_ban/ Source: The Register Title: UK floats ransomware payout ban for public sector Feedly Summary: Stronger proposals may also see private sector applying for a payment ‘license’ A total ban on ransomware payments across the public sector might actually happen after the UK government opened a consultation on how to combat the trend…
-
The Register: Zero-day exploits plague Ivanti Connect Secure appliances for second year running
Source URL: https://www.theregister.com/2025/01/09/zeroday_exploits_ivanti/ Source: The Register Title: Zero-day exploits plague Ivanti Connect Secure appliances for second year running Feedly Summary: Factory resets and apply patches is the advice amid fortnight delay for other appliances The cybersecurity industry is urging those in charge of defending their orgs to take mitigation efforts “seriously" as Ivanti battles two…
-
The Register: Mitel 0-day, 5-year-old Oracle RCE bugs under active exploit
Source URL: https://www.theregister.com/2025/01/08/mitel_0_day_oracle_rce_under_exploit/ Source: The Register Title: Mitel 0-day, 5-year-old Oracle RCE bugs under active exploit Feedly Summary: 3 CVEs added to CISA’s catalog Cybercriminals are actively exploiting two vulnerabilities in Mitel MiCollab, including a zero-day flaw, alongside a critical remote code execution vulnerability in Oracle WebLogic Server that has been exploited for at least…
-
The Register: MediaTek rings in the new year with a parade of chipset vulns
Source URL: https://www.theregister.com/2025/01/06/mediatek_chipset_vulnerabilities/ Source: The Register Title: MediaTek rings in the new year with a parade of chipset vulns Feedly Summary: Manufacturers should have had ample time to apply the fixes MediaTek kicked off the first full working week of the new year by disclosing a bevy of security vulnerabilities, including a critical remote code…