December 12, 2023 at 04:17PM Apple released patches for numerous vulnerabilities on Dec. 11, impacting iPhones, Macs, Apple TVs, Apple Watches, and Safari. Notable flaws include an iOS FindMy location privacy issue, unauthenticated access to private browsing tabs, and Apple Watch webkit vulnerabilities. Also, an authentication bypass vulnerability affecting macOS, iOS, Linux, and Android was … Read more
December 12, 2023 at 02:18AM Apple has released security patches for multiple products, including iOS, iPadOS, macOS, tvOS, watchOS, and Safari browser. The updates address numerous security flaws, including two recent zero-day vulnerabilities. Vulnerabilities range from keystroke injection to arbitrary code execution. The updates also include improvements in privacy protection and address actively exploited security … Read more
December 8, 2023 at 01:00PM A set of security vulnerabilities in 5G mobile modems from major chipset vendors like MediaTek and Qualcomm, dubbed 5Ghoul, affects USB, IoT modems, and numerous smartphone models. The vulnerabilities, disclosed by researchers from SUTD, could allow for continuous or downgraded attacks. Patches have been released for most flaws, impacting product … Read more
November 17, 2023 at 05:08PM Retail businesses should prioritize assessing their cybersecurity readiness ahead of the busy holiday season, according to CompTIA. With online spending projected to reach $37 billion over Thanksgiving, Black Friday, and Cyber Monday, companies need to implement proactive measures. This includes installing security updates, monitoring networks, having a plan in place … Read more
November 9, 2023 at 01:08PM Android, with over 3 billion users, is a target for malware attacks. Anti-malware solutions like antivirus apps, firewalls, VPNs, and security patches are available but not foolproof against evolving threats. Evasion techniques and incremental malicious update attacks pose risks. Users should be cautious of downloads, keep devices and apps updated, … Read more
October 30, 2023 at 11:15PM Public exploit code for the critical Cisco IOS XE vulnerability (CVE-2023-20198) is now available, which has been used to hack tens of thousands of devices. Cisco has released patches for most IOS XE software releases, but internet scans show that thousands of systems are still compromised. Researchers have provided details … Read more
October 25, 2023 at 05:06AM VMware has released security updates to address a critical vulnerability in vCenter Server that can be exploited for remote code execution attacks. The vulnerability (CVE-2023-34048) allows unauthenticated attackers to remotely exploit it without user interaction. VMware has made patches available for affected products, including end-of-life versions. Administrators are advised to … Read more
October 25, 2023 at 12:33AM VMware has disclosed a critical vulnerability in its vCenter Server, along with a patch to fix it. The vulnerability, known as CVE-2023-34048, allows a malicious actor with network access to trigger an out-of-bounds write and potentially execute remote code. VMware has also released patches for unsupported versions of the software. … Read more
October 18, 2023 at 08:48AM Oracle has released 387 new security patches as part of the October 2023 CPU. Over 40 patches address critical-severity flaws and more than 200 resolve bugs that can be remotely exploited. The patches cover various Oracle products, with Financial Services Applications receiving the most fixes. Oracle advises customers to apply … Read more
October 13, 2023 at 09:19AM Juniper Networks has released patches for over 30 vulnerabilities in Junos OS and Junos OS Evolved. The most critical flaw is an incorrect default permissions bug that allows unauthorized access and the creation of a backdoor with root privileges. Other vulnerabilities include denial of service (DoS) risks and impacts on … Read more