<![CDATA[ Latest from ITPro in Exploits ]]> https://www.itpro.com/tag/exploits Thu, 23 Feb 2023 11:18:37 +0000 en <![CDATA[ Google pays largest-ever bug bounty worth £500,000 ]]> https://www.itpro.com/security/370116/google-pays-largest-ever-bug-bounty-worth-ps500000 mtYTnd1zHLHpYGMs6h88eG Thu, 23 Feb 2023 11:18:37 +0000 <![CDATA[ Windows 10 users locked out of devices by unskippable Microsoft 365 advert ]]> https://www.itpro.com/security/bugs/370000/windows-10-users-locked-out-of-devices-microsoft-365-advert 77MpCP2BHxSzzDhYtKMU4b Fri, 03 Feb 2023 13:02:08 +0000 <![CDATA[ Spanish spyware outfit uncovered, develops exploits for Windows, Chrome, and Firefox ]]> https://www.itpro.com/security/spyware/369624/spanish-spyware-outfit-exploit-windows-chrome-firefox cNidAx1jx2TnNJ31ENNGeK Thu, 01 Dec 2022 15:20:16 +0000 <![CDATA[ OpenSSL 3.0 vulnerability: Patch released for security scare ]]> https://www.itpro.com/security/vulnerability/369439/openssl-3-vulnerability-patch-for-security-scare P37887eegLic9Gk71Msia Tue, 01 Nov 2022 17:21:42 +0000 <![CDATA[ Hacker steals $566 million from Binance Bridge using proof-forgery exploit ]]> https://www.itpro.com/security/hacking/369270/hacker-stole-566-million-from-binance-bridge-using-proof-forgery-exploit egqgy6s92f8Z34jtCZHf57 Fri, 07 Oct 2022 13:55:26 +0000 <![CDATA[ CISA issues fresh orders to polish security vulnerability detection in federal agencies ]]> https://www.itpro.com/security/369252/cisa-issues-orders-to-polish-vulnerability-detection-in-federal-agencies p9shGjyXPikCRhYmM9JvUL Thu, 06 Oct 2022 09:35:36 +0000 <![CDATA[ Mozilla patches high-severity security flaws in new ‘speedy’ Firefox release ]]> https://www.itpro.com/security/vulnerability/369146/mozilla-patches-security-flaws-in-new-speedy-firefox d85PCh8Yg2NHpmGncM6pRk Fri, 23 Sep 2022 12:08:53 +0000 <![CDATA[ WordPress plugin vulnerability leaves sites open to total takeover ]]> https://www.itpro.com/security/vulnerability/369070/wordpress-plugin-vulnerability-site-total-takeover eKvbntYRZQr19uFDq9NmD8 Wed, 14 Sep 2022 11:50:50 +0000 <![CDATA[ Numerous HP business laptops and desktops vulnerable to publicly disclosed security bugs ]]> https://www.itpro.com/security/exploits/369043/numerous-hp-business-laptops-and-desktops-vulnerable-to-publicly-disclosed-bugs kaxAgtb3TjcoXKeDTCx2cw Mon, 12 Sep 2022 11:00:08 +0000 <![CDATA[ HP patches high-severity security flaw in its own support tool ]]> https://www.itpro.com/security/exploits/369018/hp-patches-high-severity-security-flaw-in-its-own-support-tool 99W6YXgvUtoxRPv5rC2Drc Thu, 08 Sep 2022 11:06:46 +0000 <![CDATA[ Zoom patches privilege escalation flaw for macOS users ]]> https://www.itpro.com/security/368813/zoom-patches-privilege-escalation-flaw-for-macos-users j3KZPu3AihBdXpfA14yvVW Tue, 16 Aug 2022 10:51:58 +0000 <![CDATA[ Dogwalk RCE variant among 121 vulnerabilities fixed in Microsoft's August Patch Tuesday ]]> https://www.itpro.com/security/zero-day-exploit/368779/dogwalk-rce-variant-among-121-vulnerabilities-fixed-in-microsofts-patch-tuesday svYpEthqRNs3mih1iVmpwd Wed, 10 Aug 2022 11:03:29 +0000 <![CDATA[ Leading malware campaigns are abusing genuine Windows shortcuts to bypass Microsoft's VBA macro block ]]> https://www.itpro.com/security/exploits/368742/malware-campaigns-abuse-windows-shortcuts-bypass-macros 857buePxG9qerRxSRR2THe Fri, 05 Aug 2022 09:52:54 +0000 <![CDATA[ GPS tracker exploit puts the world's most high-value individuals in real-world danger ]]> https://www.itpro.com/security/hacking/368602/gps-tracker-exploit-puts-the-worlds-most-high-value-individuals-in-real uU2bG1KvWcc527hcrCybwc Wed, 20 Jul 2022 10:00:41 +0000 <![CDATA[ How to protect against 'endemic' Log4j vulnerabilities ]]> https://www.itpro.com/security/cyber-security/368554/how-to-protect-against-endemic-log4j-vulnerabilities mSmwthyki6TKkonA4gpmPB Fri, 15 Jul 2022 08:51:00 +0000 <![CDATA[ Retbleed hardware-level flaw brings overhead woe to Intel and AMD ]]> https://www.itpro.com/hardware/368534/retbleed-hardware-level-flaw-brings-overhead-woe-to-intel-and-amd sKFsgg4UtrP8dTsz8hepV6 Wed, 13 Jul 2022 10:57:23 +0000 <![CDATA[ Chinese hackers exploit Microsoft zero-day as list of vulnerable Office products grows ]]> https://www.itpro.com/security/zero-day-exploit/367913/chinese-hackers-exploit-microsoft-zero-day ruUgitvkB9hVzvzYz3NidS Wed, 01 Jun 2022 10:13:40 +0000 <![CDATA[ Researchers demonstrate how to install malware on iPhone after it's switched off ]]> https://www.itpro.com/security/367725/researchers-demonstrate-how-to-install-malware-on-iphone-after-its-switched-off tMGwtbnH5xuLLV9S6HDwcg Wed, 18 May 2022 11:27:03 +0000 <![CDATA[ Actively exploited Windows vulnerability reaches peak severity when paired with popular attack ]]> https://www.itpro.com/security/367641/actively-exploited-windows-vulnerability-reaches-peak-severity cLebA65DRDfP6xGkxwE228 Wed, 11 May 2022 10:14:11 +0000 <![CDATA[ Microsoft's massive 145-vulnerability Patch Tuesday fixes ten critical exploits ]]> https://www.itpro.com/security/367413/microsofts-massive-145-vulnerability-patch-tuesday-fixes-ten-critical-exploits neCvWsgoM3Z4sMCC7GGTcj Wed, 13 Apr 2022 09:43:34 +0000 <![CDATA[ Microsoft Patch Tuesday fixes Windows 11 system reset bug ]]> https://www.itpro.com/security/vulnerability/365755/microsoft-fixes-windows-11-system-reset-flaw-patch-tuesday 9WcUBNbF4FDandg8PiYBVS Wed, 09 Mar 2022 11:19:27 +0000 <![CDATA[ Google doubles bug bounty rewards for Linux, Kubernetes exploits ]]> https://www.itpro.com/security/zero-day-exploit/362258/google-doubles-bug-bounty-linux-kubernetes-exploits eLFqyZs2JHmnrop3oU2cS7 Wed, 16 Feb 2022 10:51:28 +0000 <![CDATA[ 12-year-old Linux root privilege flaw has been "hiding in plain sight" ]]> https://www.itpro.com/software/linux/362069/pwnkit-12-year-old-linux-root-privilege-flaw-hiding-plain-sight 3GqsQadbkohCfeeM1QTe3u Wed, 26 Jan 2022 10:57:30 +0000 <![CDATA[ El Salvador becomes latest target of Pegasus spyware ]]> https://www.itpro.com/security/spyware/361971/el-salvador-becomes-latest-country-targeted-by-pegasus bVueqReuCZ3D7HqurxJVtC Thu, 13 Jan 2022 13:07:07 +0000 <![CDATA[ Lenovo ThinkPads vulnerable to privilege escalation exploit, researchers warn ]]> https://www.itpro.com/security/exploits/361865/lenovo-thinkpads-vulnerable-to-system-level-privilege-exploit vz2fs3eqCDY6wEDBfrnHtf Fri, 17 Dec 2021 12:22:30 +0000 <![CDATA[ Log4Shell: New numbers reveal the scale of the critical software exploit ]]> https://www.itpro.com/security/zero-day-exploit/361847/log4shell-zero-day-vulnerability-numbers-revealed 9DVJubW8DbQJdvSEdai5Te Wed, 15 Dec 2021 13:05:14 +0000 <![CDATA[ Researchers warn of increase in attacks against Zoho software ]]> https://www.itpro.com/security/cyber-security/361739/researchers-warn-increase-attacks-zoho-software s85gLvsKXwstReiJGfePo3 Fri, 03 Dec 2021 12:01:47 +0000 <![CDATA[ FBI email server hacked to send fake cyber attack alerts ]]> https://www.itpro.com/security/cyber-security/361537/fbi-hacked-fake-cyber-attack-warnings v1pUV6FDfwbGWjCNkKTyXs Mon, 15 Nov 2021 10:38:32 +0000 <![CDATA[ Researcher awarded $50,000 for discovering Samsung Galaxy S21 hack ]]> https://www.itpro.com/security/hacking/361455/experts-break-into-samsung-galaxy-s21-twice-at-pwn2own-hacking-event 4rz1qkXjQaRVxbVah5CD1b Fri, 05 Nov 2021 11:34:19 +0000 <![CDATA[ Microsoft Exchange Servers are being used to distribute Qakbot malware ]]> https://www.itpro.com/security/ransomware/361417/microsoft-exchange-servers-distribute-squirrelwaffle-malware 2172no4pnpVcpT4kDBGZaF Tue, 02 Nov 2021 11:28:22 +0000 <![CDATA[ Critical vulnerability discovered in popular CI/CD framework ]]> https://www.itpro.com/security/cyber-security/361400/critical-vulnerability-discovered-in-popular-cicd-framework pz3cojpCqnoRkk3a89joFz Fri, 29 Oct 2021 15:19:39 +0000 <![CDATA[ WordPress plugin exploit puts over 90,000 sites at risk ]]> https://www.itpro.com/security/vulnerability/361237/wordpress-plugin-exploit-puts-over-90000-sites-at-risk em7ueBCrbqgKp5xwPHizAV Thu, 14 Oct 2021 12:43:49 +0000 <![CDATA[ Weekly threat roundup: Microsoft Patch Tuesday, HP Omen, Apple ]]> https://www.itpro.com/security/exploits/360901/weekly-threat-roundup-microsoft-patch-tuesday-hp-omen-apple x6xPCTDc3PWbYzb526T9m8 Thu, 16 Sep 2021 11:43:54 +0000 <![CDATA[ Microsoft patches Internet Explorer zero-day under active attack ]]> https://www.itpro.com/security/vulnerability/360887/microsoft-patch-tuesday-internet-explorer-zero-day j9YCZobqrEB3TiSG6axNG5 Wed, 15 Sep 2021 08:58:56 +0000 <![CDATA[ Apple patches zero-day flaw abused by infamous NSO exploit ]]> https://www.itpro.com/security/exploits/360870/apple-patches-nso-forcedentry-zero-day-flaw pXSqH7DdvVTAYZ9DsFLjie Tue, 14 Sep 2021 09:02:44 +0000 <![CDATA[ Weekly threat roundup: Atlassian, Microsoft Office, Zoho ManageEngine ]]> https://www.itpro.com/security/vulnerability/360827/weekly-threat-roundup-atlassian-microsoft-and-zoho-manageengine fqPA19C8pWc3NrRi81JiBo Thu, 09 Sep 2021 12:14:51 +0000 <![CDATA[ Hackers exploit Windows zero-day to target users with Office files ]]> https://www.itpro.com/security/vulnerability/360805/microsoft-activex-zero-day-target-office-files 2RNd82RtPMQmSVWup4H6ah Wed, 08 Sep 2021 08:48:51 +0000 <![CDATA[ US officials warn of “mass exploitation” of Atlassian Confluence flaw ]]> https://www.itpro.com/security/hacking/360783/us-officials-warn-mass-exploitation-of-atlassian-confluence-flaw ujUnV2KTBVMpnAXFFLCz1Q Mon, 06 Sep 2021 09:23:05 +0000 <![CDATA[ Weekly threat roundup: Exchange Server, AMD CPUs, Azure Cosmos DB ]]> https://www.itpro.com/security/vulnerability/360752/weekly-threat-roundup-exchange-server-amd-cpus-azure-cosmos-db wC5bk9vqnewG78g1jydQTB Thu, 02 Sep 2021 11:25:05 +0000 <![CDATA[ Microsoft Exchange Server flaw lets attackers misconfigure mailboxes ]]> https://www.itpro.com/security/vulnerability/360724/microsoft-exchange-server-flaw-lets-attackers-misconfigure-mailboxes nY6qkxUZ1xUddUsJQd7LSD Tue, 31 Aug 2021 09:58:12 +0000 <![CDATA[ Weekly threat roundup: Ethereum, Razer mice, Cisco ]]> https://www.itpro.com/security/vulnerability/360698/weekly-threat-roundup-ethereum-razer-cisco iv395gR8vS6SvkGasSwzj8 Thu, 26 Aug 2021 12:03:34 +0000 <![CDATA[ Weekly threat roundup: Blackberry QNX, Cisco VPNs, Fortinet firewalls ]]> https://www.itpro.com/security/vulnerability/360626/weekly-threat-roundup-blackberry-qnx-cisco-vpns-fortinet-firewalls r6xk3qSJJ9b6YHg3tnGQsW Thu, 19 Aug 2021 11:24:42 +0000 <![CDATA[ What's behind the explosion in zero-day exploits? ]]> https://www.itpro.com/security/zero-day-exploit/360447/why-zero-day-exploits-are-surging-on-an-unprecedented-scale kWbBoDpgWewSufeKVJ3RGU Tue, 03 Aug 2021 08:06:46 +0000 <![CDATA[ The most exploited cyber security vulnerabilities ]]> https://www.itpro.com/security/exploits/360411/top-30-most-exploited-vulnerabilities 8gAUUdTvhXu9MfxUhSRJgp Thu, 29 Jul 2021 12:11:03 +0000 <![CDATA[ Weekly threat roundup: Windows 11, Cloudflare, Google Chrome ]]> https://www.itpro.com/security/vulnerability/360325/weekly-threat-roundup-windows-11-cloudflare-google-chrome oFuhX2L2FkgePkBUK7H1X3 Thu, 22 Jul 2021 12:09:46 +0000 <![CDATA[ Weekly threat roundup: SolarWinds, Microsoft, SonicWall ]]> https://www.itpro.com/security/exploits/360238/weekly-threat-roundup-solarwinds-microsoft-sonicwall oowzk6RacP4WE688SheYoX Thu, 15 Jul 2021 10:59:24 +0000 <![CDATA[ Microsoft makes second attempt to fix PrintNightmare flaw ]]> https://www.itpro.com/security/vulnerability/360219/microsoft-patch-tuesday-printnightmare-fix k95Vb8rfE8x4kJox2bcEH8 Wed, 14 Jul 2021 10:35:58 +0000 <![CDATA[ Microsoft warns SolarWinds customers that Serv-U is under attack ]]> https://www.itpro.com/security/cyber-attacks/360199/microsoft-warns-solarwinds-customers-that-serv-u-is-under-attack rfjrrVJZbctn6nFy8xkYjK Tue, 13 Jul 2021 09:36:03 +0000 <![CDATA[ Weekly threat roundup: Kaseya, PrintNightmare, Sage ]]> https://www.itpro.com/security/vulnerability/360154/weekly-threat-roundup-kaseya-printnightmare-sage epy5n3qW4cxriWCKkHtF4k Thu, 08 Jul 2021 12:21:12 +0000 <![CDATA[ Microsoft’s emergency 'PrintNightmare' patch fails to fix critical exploit ]]> https://www.itpro.com/security/vulnerability/360145/microsofts-emergency-printnightmare-patch-can-be-bypassed 2ic5gpUbFiZhjMUCRByTsw Thu, 08 Jul 2021 10:08:21 +0000