You searched for privilege escalation | SC Media

Your search for privilege escalation returned 449 results

Your search for privilege escalation returned 449 results

Sort Results:

Relevant Recent
Security News, Vulnerabilities

Intel forced to discontinue multiple products due to vulnerabilities

Intel issued security advisories for nine vulnerabilities, with two rated high and seven medium, in six product areas. Intel’s NUC line of small form factor PCs were patched for the high-rated CVE-2020-0600. There are improper buffer restrictions in the firmware for 10 of the NUC designs that may allow an authenticated user to potentially enable…
Executive Insight, Opinion

A 10-point plan for securing remote workers

Globally, more and more organizations are beginning to enforce work from home policies for employees and contractors. Opening up this kind of remote access for employees and contractors across all departments is new for many organizations. While several organizations have remote access for their IT support personnel, allowing access for all major departments, including core…
Security News, Vulnerabilities

Adobe offers up a light Patch Tuesday for April

Adobe issued a mild batch of Patch Tuesday security update for April covering three products with all vulnerabilities being rated as important. ColdFusion 2016 and 2018 received patches for CVE-2020-3767, an insufficient input validation issue that can lead to an application-level DoS situation;  CVE-2020-3768 is a DLL search-order hijacking problem that can lead to Privilege…
Coronavirus, Events, Network Security, Security News, Vulnerabilities

Pwn2Own contest yields 13 bugs, as virtual format expands talent pool

Research teams at the Pwn2Own 2020 competition successfully exploited 13 software vulnerabilities this past week, including bugs found in products from Adobe, Apple, Microsoft, Oracle and Ubuntu. Participants earned $270,000 over the two-day event — the first Pwn2Own ever to be held virtually, as a measure to combat the rapid spread of the novel coronavirus.…
Security News, Vulnerabilities

Drupal, Google and Cisco post security advisories

Batches of security advisories were rolled out by Drupal, Google and Cisco yesterday addressing a host of critical-rated issues for their products. Drupal addressed a critical vulnerability affecting Drupal 8.7 and 8.8. The issue is a Cross Site Scripting vulnerability in third-party libraries. An attacker that can create or edit content may be able to…
patch flaw vulnerability
Security News, Vulnerabilities

Adobe patches 41 vulnerabilities, 22 in Photoshop

Adobe may have skipped March Patch Tuesday to push out security updates but caught up today issuing advisories covering 41 vulnerabilities, the majority critical, over six products. The products included Adobe Genuine Integrity Service, Acrobat Reader, Photoshop, Experience Manager, ColdFusion 2016 and 2018 and Bridge. None of the vulnerabilities have been spotted in the wild…
VMware advisory warns users to patch critical issue in product
Network Security, Security News, Vulnerabilities

VMware squashes critical code execution bug in hypervisors

VMware has updated its Workstation hosted hypervisor and Fusion software hypervisor, fixing a critical vulnerability that could be exploited to trigger arbitrary code execution or a denial of service condition. The virtualization and cloud computing software provider company also fixed two important privilege escalation flaws spread out between four of its products. Designated CVE-2020-3947, the most critical…
Security News, Vulnerabilities

Intel issues nine security advisories

Intel rolled out nine security advisories for a variety of components associated with its processors and graphics drivers, with four having a high severity rating and the remainder medium. The high-rated advisory for Intel graphics drivers contains 17 CVEs, which if left unpatched and exploited could lead to escalation of privilege, denial of service and…
SC Corporate News, Security News

The winners of the 2020 SC Awards Honored in the U.S.

Trust AwardBest Authentication TechnologyForgeRockForgeRock Identity Platform All journeys have a beginning, middle and an end, and it’s the job of the ForgeRock Identity Platform to ensure that every authentication journey, from start to finish, remains safe for the client and easy for the user. The platform’s Intelligent Authentication feature delivers the unique ability to visually map user authentication journeys with a drag-and-drop interface…
APTs/cyberespionage, Cybercrime, Security News

Fox Kitten APT campaign exploits VPN flaws hours after public disclosure

Iranian APT actors have engaged in a long-running cyber espionage and data theft campaign that has victimized dozens of companies around the world, typically compromising them via virtual private network and Remote Desktop Protocol services, according to a new research report. Vulnerable VPNs have been such a favorite attack vector of choice among these actors…
Next post in Cybercrime