Security
Headlines
HeadlinesLatestCVEs

Tag

#ios

A Sneaky Ad Scam Tore Through 11 Million Phones

Some 1,700 spoofed apps, 120 targeted publishers, 12 billion false ad requests per day—Vastflux is one of the biggest ad frauds ever discovered.

Wired
Open in Source
#web#ios#android#apple#google#git#java#sap
Following the LNK metadata trail

While tracking some prevalent commodity malware threat actors, Talos observed the popularization of malicious LNK files as their initial access method to download and execute payloads. A closer look at the LNK files illustrates how their metadata could be used to identify and track new campaigns.

6 Types of Risk Assessment Methodologies + How to Choose

An organization’s sensitive information is under constant threat. Identifying those security risks is critical to protecting that information. But some risks are bigger than others. Some mitigation options are more expensive than others. How do you make the right decision? Adopting a formal risk assessment process gives you the information you need to set priorities. There are many ways to

Vulnerable Historian Servers Imperil OT Networks

These specialized database servers, which collect and archive information on device operation, often connect IT and OT networks.

ChatGPT Opens New Opportunities for Cybercriminals: 5 Ways for Organizations to Get Ready

From updating employee education and implementing stronger authentication protocols to monitoring corporate accounts and adopting a zero-trust model, companies can better prepare defenses against chatbot-augmented attacks.

Red Hat Security Advisory 2022-7399-01

Red Hat Security Advisory 2022-7399-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.0. Issues addressed include denial of service, memory leak, and out of bounds read vulnerabilities.

Red Hat Security Advisory 2022-7398-02

Red Hat Security Advisory 2022-7398-02 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.12.0. Issues addressed include a denial of service vulnerability.

CVE-2022-34399: DSA-2022-317: Dell Client Security Update for Dell Client BIOS

Dell Alienware m17 R5 BIOS version prior to 1.2.2 contain a buffer access vulnerability. A malicious user with admin privileges could potentially exploit this vulnerability by sending input larger than expected in order to leak certain sections of SMRAM.

Git Users Urged to Update Software to Prevent Remote Code Execution Attacks

The maintainers of the Git source code version control system have released updates to remediate two critical vulnerabilities that could be exploited by a malicious actor to achieve remote code execution. The flaws, tracked as CVE-2022-23521 and CVE-2022-41903, impacts the following versions of Git: v2.30.6, v2.31.5, v2.32.4, v2.33.5, v2.34.5, v2.35.5, v2.36.3, v2.37.4, v2.38.2, and v2.39.0.

CVE-2022-34456: DSA-2022-267: Dell EMC Metronode VS5 Security Update for Multiple Third-Party Component Vulnerabilities

Dell EMC Metro node, Version(s) prior to 7.1, contain a Code Injection Vulnerability. An authenticated nonprivileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application.