Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

Gentoo Linux Security Advisory 202401-01

Gentoo Linux Security Advisory 202401-1 - A vulnerability has been found in Joblib which allows for arbitrary code execution. Versions greater than or equal to 1.2.0 are affected.

Packet Storm
#vulnerability#web#mac#linux
DNA data deserves better, with Suzanne Bernstein: Lock and Code S05E01

This week on the Lock and Code podcast, we speak with Suzanne Bernstein about DNA privacy and protecting data from hackers.

What It’s Like to Use Apple’s Lockdown Mode

If you're at high risk of being targeted by mercenary spyware, or just don't mind losing iOS features for extra security, the company's restricted mode is surprisingly usable.

New Variant of DLL Search Order Hijacking Bypasses Windows 10 and 11 Protections

Security researchers have detailed a new variant of a dynamic link library (DLL) search order hijacking technique that could be used by threat actors to bypass security mechanisms and achieve execution of malicious code on systems running Microsoft Windows 10 and Windows 11. The approach "leverages executables commonly found in the trusted WinSxS folder and exploits them via the classic DLL

New Terrapin Flaw Could Let Attackers Downgrade SSH Protocol Security

Security researchers from Ruhr University Bochum have discovered a vulnerability in the Secure Shell (SSH) cryptographic network protocol that could allow an attacker to downgrade the connection's security by breaking the integrity of the secure channel. Called Terrapin (CVE-2023-48795, CVSS score: 5.9), the exploit has been described as the "first ever practically exploitable prefix

Google Fixes Nearly 100 Android Security Issues

Plus: Apple shuts down a Flipper Zero Attack, Microsoft patches more than 30 vulnerabilities, and more critical updates for the last month of 2023.

China Arrests 4 Who Weaponized ChatGPT for Ransomware Attacks

By Deeba Ahmed The police arrested two suspects in Beijing and two in Inner Mongolia. This is a post from HackRead.com Read the original post: China Arrests 4 Who Weaponized ChatGPT for Ransomware Attacks

Beware: Scam-as-a-Service Aiding Cybercriminals in Crypto Wallet-Draining Attacks

Cybersecurity researchers are warning about an increase in phishing attacks that are capable of draining cryptocurrency wallets. "These threats are unique in their approach, targeting a wide range of blockchain networks, from Ethereum and Binance Smart Chain to Polygon, Avalanche, and almost 20 other networks by using a crypto wallet-draining technique," Check Point researchers Oded Vanunu,

iPhone Spyware Exploits Obscure Chip Feature, Targets Researchers

By Deeba Ahmed Triangulation of Terror: Inside the Most Sophisticated iPhone Spyware Campaign Ever Seen. This is a post from HackRead.com Read the original post: iPhone Spyware Exploits Obscure Chip Feature, Targets Researchers

The Worst Hacks of 2023

It was a year of devastating cyberattacks around the globe, from ransomware attacks on casinos to state-sponsored breaches of critical infrastructure.