Researchers uncover AMD chip flaw threatening cloud data – Go Health Pro

Researchers uncover AMD chip flaw threatening cloud data – Go Health Pro

Security researchers have identified a vulnerability in AMD processors that they have dubbed badRAM and which could allow threat actors with physical access to cloud computing environments to bypass encryption protections, reports The Record, a news site by cybersecurity firm Recorded Future. The flaw circumvents AMD’s Secure Encrypted Virtualization, which encrypts virtual machine memory to … Read more

Critical Flaw in ProjectSend Under Active Exploitation Against Public-Facing Servers – Go Health Pro

Critical Flaw in ProjectSend Under Active Exploitation Against Public-Facing Servers – Go Health Pro

Nov 27, 2024Ravie LakshmananVulnerability / Software Security A critical security flaw impacting the ProjectSend open-source file-sharing application has likely come under active exploitation in the wild, according to findings from VulnCheck. The vulnerability, originally patched over a year-and-a-half ago as part of a commit pushed in May 2023 , was not officially made available until … Read more

CISA Urges Agencies to Patch Critical “Array Networks” Flaw Amid Active Attacks – Go Health Pro

CISA Urges Agencies to Patch Critical “Array Networks” Flaw Amid Active Attacks – Go Health Pro

Nov 26, 2024Ravie LakshmananVulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a now-patched critical security flaw impacting Array Networks AG and vxAG secure access gateways to its Known Exploited Vulnerabilities (KEV) catalog following reports of active exploitation in the wild. The vulnerability, tracked as CVE-2023-28461 (CVSS score: 9.8), … Read more

Adload malware exploits flaw to bypass macOS protections for Safari – Go Health Pro

Adload malware exploits flaw to bypass macOS protections for Safari – Go Health Pro

Microsoft Threat Intelligence on Oct. 17 warned security teams that Microsoft Defender for Endpoint detected that Adload malware exploited a previously patched macOS vulnerability. Referred to as the HM Surf vulnerability, the flaw — CVE-2024-44133 — lets attackers bypass the transparency, consent, and control (TCC) protections for the Safari browser directory, giving attackers unlimited access … Read more

Fog, Akira ransomware groups exploit critical Veeam backup flaw – Go Health Pro

Fog, Akira ransomware groups exploit critical Veeam backup flaw – Go Health Pro

The Fog and Akira ransomware gangs have been observed exploiting a critical vulnerability that lets them run a remote code execution (RCE) on Veeam Backup and Replications servers. While Veeam disclosed this critical deserialization bug and released a patch for CVE-2024-40711 on Sept. 4, publication of the proof-of-concept (PoC) developed by watchTowr Labs was delayed … Read more