Security
Headlines
HeadlinesLatestCVEs

Tag

#google

Hackers Could Exploit Google Workspace and Cloud Platform for Ransomware Attacks

A set of novel attack methods has been demonstrated against Google Workspace and the Google Cloud Platform that could be potentially leveraged by threat actors to conduct ransomware, data exfiltration, and password recovery attacks. "Starting from a single compromised machine, threat actors could progress in several ways: they could move to other cloned machines with GCPW installed, gain access

The Hacker News
Open in Source
#mac#windows#google#microsoft#git#oauth#auth#chrome#ssl#The Hacker News
CVE-2023-44296: DSA-2023-419: Security Update for Mobility - E-Lab Navigator Vulnerabilities

Dell ELab-Navigator, version 3.1.9 contains a hard-coded credential vulnerability. A local attacker could potentially exploit this vulnerability, leading to unauthorized access to sensitive data. Successful exploitation may result in the compromise of confidential user information.

Update now! Microsoft patches 3 actively exploited zero-days

Microsoft has patched a total of 63 vulnerabilities this Patch Tuesday. Make sure you update as soon as you can.

Google’s New Titan Security Key Adds Another Piece to the Password-Killing Puzzle

The new generation of hardware authentication key includes support for cryptographic passkeys as Google pushes adoption of the more secure login alternative.

CVE-2023-6112: Stable Channel Update for Desktop

Use after free in Navigation in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Domain Squatting and Brand Hijacking: A Silent Threat to Digital Enterprises

By Waqas Domain squatting can lead you to malicious websites, and it might be too late to realize what actually happened. This is a post from HackRead.com Read the original post: Domain Squatting and Brand Hijacking: A Silent Threat to Digital Enterprises

Lesson from Casio’s Data Breach: Why Database Security Still a Major Challenge for Businesses?

By Waqas Casio's data breach exposed a well-known secret: no one is immune to cyberattacks - It also exposes the highly vulnerable state of databases. This is a post from HackRead.com Read the original post: Lesson from Casio’s Data Breach: Why Database Security Still a Major Challenge for Businesses?

Reptar: New Intel CPU Vulnerability Impacts Multi-Tenant Virtualized Environments

Intel has released fixes to close out a high-severity flaw codenamed Reptar that impacts its desktop, mobile, and server CPUs. Tracked as CVE-2023-23583 (CVSS score: 8.8), the issue has the potential to "allow escalation of privilege and/or information disclosure and/or denial of service via local access." Successful exploitation of the vulnerability could also permit a bypass of the CPU's

Alert: Microsoft Releases Patch Updates for 5 New Zero-Day Vulnerabilities

Microsoft has released fixes to address 63 security bugs in its software for the month of November 2023, including three vulnerabilities that have come under active exploitation in the wild. Of the 63 flaws, three are rated Critical, 56 are rated Important, and four are rated Moderate in severity. Two of them have been listed as publicly known at the time of the release. The updates are in