Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

New Glibc Flaw Grants Attackers Root Access on Major Linux Distros

Malicious local attackers can obtain full root access on Linux machines by taking advantage of a newly disclosed security flaw in the GNU C library (aka glibc). Tracked as CVE-2023-6246, the heap-based buffer overflow vulnerability is rooted in glibc's __vsyslog_internal() function, which is used by syslog() and vsyslog() for system logging purposes. It's said to have been accidentally

The Hacker News
Open in Source
#vulnerability#mac#ubuntu#linux#debian#buffer_overflow#The Hacker News
Brazilian Feds Dismantle Grandoreiro Banking Trojan, Arresting Top Operatives

A Brazilian law enforcement operation has led to the arrest of several Brazilian operators in charge of the Grandoreiro malware. The Federal Police of Brazil said it served five temporary arrest warrants and 13 search and seizure warrants in the states of São Paulo, Santa Catarina, Pará, Goiás, and Mato Grosso. Slovak cybersecurity firm ESET, which provided additional

Debian Security Advisory 5610-1

Debian Linux Security Advisory 5610-1 - Multiple security issues were discovered in Redis, a persistent key-value database, which could result in the execution of arbitrary code or ACL bypass.

Aembit Teams Up with CrowdStrike for Secure Workload Access

By cyberwire Aembit Announces New Workload IAM Integration with CrowdStrike to Help Enterprises Secure Workload-to-Workload Access. This is a post from HackRead.com Read the original post: Aembit Teams Up with CrowdStrike for Secure Workload Access

Apple warns of “privacy and security threats” after EU requires it to allow sideloading

To comply with the EU's Digital Markets Act, Apple will allow European iPhone owners to install apps obtained from outside the official App store.

Robots Are Fighting Robots in Russia's War in Ukraine

Aerial drones have changed the war in Ukraine. Now, both Russia’s and Ukraine’s militaries are deploying more unmanned ground robots—and the two are colliding.

What the Bitcoin ETF Approval Mean for the Crypto Market 

By Uzair Amir The recent green light given to a Bitcoin Exchange-Traded Fund (ETF) by regulatory authorities in the U.S. is… This is a post from HackRead.com Read the original post: What the Bitcoin ETF Approval Mean for the Crypto Market

Italian Data Protection Watchdog Accuses ChatGPT of Privacy Violations

Italy's data protection authority (DPA) has notified ChatGPT-maker OpenAI of supposedly violating privacy laws in the region. "The available evidence pointed to the existence of breaches of the provisions contained in the E.U. GDPR [General Data Protection Regulation]," the Garante per la protezione dei dati personali (aka the Garante) said in a statement on Monday. It also said it

GHSA-vvh2-82c7-ppfg: network Arbitrary Command Injection vulnerability

Versions of the package network before 0.7.0 are vulnerable to Arbitrary Command Injection due to use of the `child_process` exec function without input sanitization. If (attacker-controlled) user input is given to the `mac_address_for` function of the package, it is possible for an attacker to execute arbitrary commands on the operating system that this package is being run on.