October 12, 2023 at 12:46PM Apple has released security updates for older iPhones and iPads to address two zero-day vulnerabilities that were being exploited in attacks. The first vulnerability allows local attackers to elevate privileges on vulnerable devices, while the second vulnerability could allow threat actors to execute arbitrary code. Although Apple has not confirmed … Read more
October 10, 2023 at 07:58PM Microsoft has released over 100 security updates, including fixes for two bugs that are already being actively exploited. One of the vulnerabilities, known as Rapid Reset, is an HTTP/2 weakness that has been used since August to launch distributed denial of service (DDoS) attacks. Microsoft WordPad also has an information … Read more
October 10, 2023 at 07:54PM Researchers at Microsoft have identified a known nation-state threat actor, referred to as Storm-0062, as responsible for the recent zero-day exploits targeting Atlassian’s Confluence Data Center and Server products. The malicious activity had been ongoing since September 14, before Atlassian publicly disclosed the issue. Microsoft has provided IP addresses related … Read more