Apple Patches Over 70 Vulnerabilities Across iOS, macOS, Other Products

October 29, 2024 at 05:37AM Apple has launched security updates for iOS 18 and macOS Sequoia 15, fixing over 70 vulnerabilities. These updates enhance the security of various Apple products.

**Meeting Takeaways:**

1. **Security Updates Released**: Apple has issued security updates for both iOS 18 and macOS Sequoia 15.
2. **Purpose of Updates**: These updates …

D-Link Patches Critical Router Vulnerabilities

September 17, 2024 at 10:21AM D-Link announced patches for critical vulnerabilities in wireless routers, including stack-based buffer overflow flaws and hardcoded credentials that could lead to remote code execution. The issues impact COVR-X1870, DIR-X5460, and DIR-X4860 models, with fixes released on September 13. D-Link urges researchers not to disclose vulnerabilities before patches are available. Meeting …

Ivanti Patches Critical Vulnerabilities in Endpoint Manager

September 11, 2024 at 06:57AM Ivanti announced security updates for Endpoint Manager, Cloud Service Appliance, and Workspace Control, addressing multiple high-severity vulnerabilities. Patches for Endpoint Manager resolve 16 flaws, including CVE-2024-29847, a critical-severity bug allowing remote code execution. Cloud Service Appliance patch resolves an OS command injection flaw. Workspace Control patches address six high-severity vulnerabilities. …

Google Patches Sixth Exploited Chrome Zero-Day of 2024

August 22, 2024 at 06:21AM Google has released Chrome 128, addressing 38 vulnerabilities, including 20 reported by external researchers. Seven high-severity flaws were identified, with one exploited in the wild as a zero-day (CVE-2024-7971). The update also resolves other high, medium, and low-severity bugs and includes bug bounty rewards totaling $95,000. Users are urged to …

Critical Code Execution Vulnerabilities Patched in VMware vCenter Server

June 18, 2024 at 12:36PM VMware, owned by Broadcom, has released patches for severe vCenter Server vulnerabilities, including heap-overflow flaws and local privilege escalation issues. These could lead to remote code execution or elevate privileges to root. Chinese cybersecurity company Qi An Xin and Matei Badanoiu of Deloitte Romania were credited for reporting the vulnerabilities. …

Splunk Patches Vulnerabilities in Enterprise Product

March 28, 2024 at 12:18PM Splunk announced security patches for its Enterprise product addressing high-severity vulnerabilities, including CVE-2024-29946 impacting the Dashboard Examples Hub and CVE-2024-29945 related to potential exposure of authentication tokens. Patches, mitigations, and workarounds are available. Additionally, vulnerabilities introduced via third-party packages in Splunk Enterprise and Universal Forwarder have been patched. Cisco recently …

Stealth Techniques Used in ‘Operation Triangulation’ iOS Attack Dissected

October 24, 2023 at 03:03PM Kaspersky has released a report detailing the iOS zero-click attacks it suffered. Dubbed ‘Operation Triangulation’, the attacks used malicious iMessage attachments to exploit a zero-day vulnerability and deploy spyware named TriangleDB. The attackers implemented stealth techniques to avoid detection, including using two validators to collect device information and ensure the …