#ios

Apple has released another round of security updates to address multiple vulnerabilities in iOS and macOS, including a new zero-day flaw that has been used in attacks in the wild. The issue, assigned the identifier CVE-2022-32917, is rooted in the Kernel component and could enable a malicious app to execute arbitrary code with kernel privileges. "Apple is aware of a report that this issue may

FreshService Windows Agent < 2.11.0 and FreshService macOS Agent < 4.2.0 and FreshService Linux Agent < 3.3.0. are vulnerable to Broken integrity checking via the FreshAgent client and scheduled update service.

An issue was discovered in AnyDesk before 6.2.6 and 6.3.x before 6.3.3. An unnecessarily open listening port on a machine in the LAN of an attacker, opened by the Anydesk Windows client when using the tunneling feature, allows the attacker unauthorized access to the local machine's AnyDesk tunneling protocol stack (and also to any remote destination machine software that is listening to the AnyDesk tunneled port).

Dell BIOS versions contain a Stack-based Buffer Overflow vulnerability. A local authenticated malicious user could potentially exploit this vulnerability by sending excess data to a function in order to gain arbitrary code execution on the system.

Categories: Business Patching is a thorn in the side of many businesses today: Everything from keeping up with the volume of patches to prioritizing what needs to be patched first can cause major delays in a business's patching process. In this post, we’ll give you six patch management best practices for businesses. (Read more...) The post 6 patch management best practices for businesses appeared first on Malwarebytes Labs.

SOC 2 may be a voluntary standard, but for today's security-conscious business, it's a minimal requirement when considering a SaaS provider. Compliance can be a long and complicated process, but a scanner like Intruder makes it easy to tick the vulnerability management box. Security is critical for all organisations, including those that outsource key business operation to third parties like

Safety Check and Lockdown Mode give people in vulnerable situations ways to quarantine themselves from acute risks.

Categories: News The most important and interesting computer security stories from the last week. (Read more...) The post A week in security (September 5 – 11) appeared first on Malwarebytes Labs.

Can an IoT coffee maker leak company secrets? Where do you put the 'S' in 'IoT'? Join Alison Naylor, Senior Manager for Information Security at Red Hat, in this episode of Security Detail as she discusses the importance of securing IoT devices and how to proceed with caution.

Plus: Albania cuts ties with Iran, claims of a TikTok data breach that didn’t happen, and much more.