Security
Headlines
HeadlinesLatestCVEs

Tag

#intel

CVE-2022-36569: IoTvuln/tenda_ac9_setMacFilterCfg.md at main · CyberUnicornIoT/IoTvuln

Tenda AC9 V15.03.05.19 was discovered to contain a stack overflow via the deviceList parameter at /goform/setMacFilterCfg.

CVE
Open in Source
#vulnerability#web#mac#apple#dos#intel#rce#buffer_overflow#auth#chrome#webkit
European Spyware Vendor Intellexa Offering Android, iOS Device Exploits

By Deeba Ahmed The proposal documents were leaked on a Russian hacking forum showing Intellexa is offering remote data extraction from Android and iOS devices in exchange for $8 million. This is a post from HackRead.com Read the original post: European Spyware Vendor Intellexa Offering Android, iOS Device Exploits

Ubuntu Security Notice USN-5589-1

Ubuntu Security Notice 5589-1 - Asaf Modelevsky discovered that the Intel 10GbE PCI Express Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. It was discovered that the virtual terminal driver in the Linux kernel did not properly handle VGA console font changes, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

WordPress Core Cross Site Scripting / SQL Injection

The WordPress Core version 6.0.2 release addresses cross site scripting and remote SQL injection vulnerabilities.

SecureAuth Announces General Availability of Arculix, Its Next-Gen Passwordless, Continuous-Authentication Platform

Next-gen platform delivers adaptive and robust, continuous authentication with identity orchestration and a frictionless user experience.

Interested in Reducing Your Risk Profile? Jamf Has a Solution for That

The threat landscape has changed dramatically over the past decade. While cybercriminals continue to look for new ways to gain access to networks and steal sensitive information, the mobile attack surface is also expanding. Mobile devices are not only becoming more powerful but also more vulnerable to cyberattacks, making mobile security an increasingly important concern for enterprises. This

Don't Let 'Perfect' Be the Enemy of a Good AppSec Program

These five suggestions provide a great place to start building a scalable and affordable program for creating secure apps.

Chinese Hackers Target Energy Sector in Australia, South China Sea

The phishing campaign deploying a ScanBox reconnaissance framework has targeted the Australian government and companies maintaining wind turbines in the South China Sea.

CVE-2022-37237: [BUG]: Server will crash when client send RTMP poc messages · Issue #1839 · ZLMediaKit/ZLMediaKit

An attacker can send malicious RTMP requests to make the ZLMediaKit server crash remotely. Affected version is below commit 7d8b212a3c3368bc2f6507cb74664fc419eb9327.

Watering Hole Attacks Push ScanBox Keylogger

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.