Security
Headlines
HeadlinesLatestCVEs

Tag

#google

CVE-2023-23514: About the security content of iOS 16.3.1 and iPadOS 16.3.1

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.2.1, iOS 16.3.1 and iPadOS 16.3.1. An app may be able to execute arbitrary code with kernel privileges..

CVE
Open in Source
#vulnerability#web#ios#mac#apple#google#dos#chrome#webkit
CVE-2023-23522: About the security content of macOS Ventura 13.2.1

A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Ventura 13.2.1. An app may be able to observe unprotected user data..

PureCrypter Malware Targets Governments Through Discord

By Deeba Ahmed The PureCrypter malware is targeting government entities in North America and the Asia-Pacific region. This is a post from HackRead.com Read the original post: PureCrypter Malware Targets Governments Through Discord

CVE-2023-24249: GitHub - z-song/laravel-admin: Build a full-featured administrative interface in ten minutes

An arbitrary file upload vulnerability in laravel-admin v1.8.19 allows attackers to execute arbitrary code via a crafted PHP file.

Mobile Banking Trojans Surge, Doubling in Volume

Mobile malware developers were busy bees in 2022, flooding the cybercrime landscape with twice the number of banking trojans than the year before.

Password managers: A rough guide to enterprise secret platforms

The second part of our password manager series looks at business-grade tech to handle API tokens, login credentials, and more

Shocking Findings from the 2023 Third-Party App Access Report

Spoiler Alert: Organizations with 10,000 SaaS users that use M365 and Google Workspace average over 4,371 additional connected apps. SaaS-to-SaaS (third-party) app installations are growing nonstop at organizations around the world. When an employee needs an additional app to increase their efficiency or productivity, they rarely think twice before installing. Most employees don’t even realize

News Corp: Hackers sat undetected on its network for 2 years

By Waqas Rupert Murdoch's News Corp revealed a data breach in 2022, but it turns out that hackers had been in the media giant's network two years prior. This is a post from HackRead.com Read the original post: News Corp: Hackers sat undetected on its network for 2 years

ChromeLoader Malware Targeting Gamers via Fake Nintendo and Steam Game Hacks

A new ChromeLoader malware campaign has been observed being distributed via virtual hard disk (VHD) files, marking a deviation from the ISO optical disc image format. "These VHD files are being distributed with filenames that make them appear like either hacks or cracks for Nintendo and Steam games," AhnLab Security Emergency response Center (ASEC) said in a report last week. ChromeLoader (aka

Fighting online censorship, or, encryption's latest surprise use-case, with Mallory Knodel: Lock and Code S04E05

Categories: Podcast This week on Lock and Code, we speak with Mallory Knodel about the stories that countries tell their people to fear encryption, and why the most recent threats to encryption are different. (Read more...) The post Fighting online censorship, or, encryption's latest surprise use-case, with Mallory Knodel: Lock and Code S04E05 appeared first on Malwarebytes Labs.