Tag
It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Querijn Voet discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other vulnerabilities were also discovered and addressed.
IWT Imagine CMS version 1.0 suffers from a cross site scripting vulnerability.
Adobe Acrobat Reader versions 2019.021.20056 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
State and local governments in the US are scrambling to harness tools like ChatGPT to unburden their bureaucracies, rushing to write their own rules—and avoid generative AI's many pitfalls.
Google has officially begun its rollout of Privacy Sandbox in the Chrome web browser to a majority of its users, nearly four months after it announced the plans. "We believe it is vital to both improve privacy and preserve access to information, whether it's news, a how-to-guide, or a fun video," Anthony Chavez, vice president of Privacy Sandbox initiatives at Google, said. "Without viable
Categories: Podcast This week on Lock and Code, we revisit an earlier conversation with a Bay Area teenager about the hardest parts about growing up online. (Read more...) The post Re-air: What teenagers face growing up online: Lock and Code S04E19 appeared first on Malwarebytes Labs.
A new malware loader called HijackLoader is gaining traction among the cybercriminal community to deliver various payloads such as DanaBot, SystemBC, and RedLine Stealer. "Even though HijackLoader does not contain advanced features, it is capable of using a variety of modules for code injection and execution since it uses a modular architecture, a feature that most loaders do not have," Zscaler
Categories: Personal Tags: google Tags: chrome Tags: website Tags: API Tags: Topics Tags: tracking Tags: ads Tags: adverts Tags: cookies We take a look at a Chrome popup related to Topics API, which you may be seeing in the near future. (Read more...) The post Chrome's "Enhanced Ad Privacy": What you need to know appeared first on Malwarebytes Labs.
Plus: Apple patches newly discovered flaws exploited by NSO Group spyware, North Korean hackers target security researchers, and more.
Spyware masquerading as modified versions of Telegram have been spotted in the Google Play Store that’s designed to harvest sensitive information from compromised Android devices. According to Kaspersky security researcher Igor Golovin, the apps come with nefarious features to capture and exfiltrate names, user IDs, contacts, phone numbers, and chat messages to an actor-controlled server. The