Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

Gentoo Linux Security Advisory 202309-16

Gentoo Linux Security Advisory 202309-16 - Multiple vulnerabilities have been discovered in wpa_supplicant and hostapd, the worst of which could result in arbitrary code execution. Versions greater than or equal to 2.10 are affected.

Packet Storm
#vulnerability#web#mac#linux#auth
Gentoo Linux Security Advisory 202309-15

Gentoo Linux Security Advisory 202309-15 - Multiple vulnerabilities have been found in GNU Binutils, the worst of which could result in denial of service. Versions greater than or equal to 2.40 are affected.

Predictive Policing Software Terrible at Predicting Crimes

A software company sold a New Jersey police department an algorithm that was right less than 1 percent of the time.

Strategies for Integrating Pay-Per-Minute Chat Software in Customer Service

By Owais Sultan Enhancing customer interaction is paramount for any business. Integrating pay-per-minute chat software can revitalize your customer service, providing… This is a post from HackRead.com Read the original post: Strategies for Integrating Pay-Per-Minute Chat Software in Customer Service

OpenRefine's Zip Slip Vulnerability Could Let Attackers Execute Malicious Code

A high-severity security flaw has been disclosed in the open-source OpenRefine data cleanup and transformation tool that could result in arbitrary code execution on affected systems. Tracked as CVE-2023-37476 (CVSS score: 7.8), the vulnerability is a Zip Slip vulnerability that could have adverse impacts when importing a specially crafted project in versions 3.7.3 and below. "Although OpenRefine

BunnyLoader: New Malware-as-a-Service Threat Emerges in the Cybercrime Underground

Cybersecurity experts have discovered yet another malware-as-a-service (MaaS) threat called BunnyLoader that's being advertised for sale on the cybercrime underground. "BunnyLoader provides various functionalities such as downloading and executing a second-stage payload, stealing browser credentials and system information, and much more," Zscaler ThreatLabz researchers Niraj Shivtarkar and

Zanubis Android Banking Trojan Poses as Peruvian Government App to Target Users

An emerging Android banking trojan called Zanubis is now masquerading as a Peruvian government app to trick unsuspecting users into installing the malware. "Zanubis's main infection path is through impersonating legitimate Peruvian Android applications and then tricking the user into enabling the Accessibility permissions in order to take full control of the device," Kaspersky said in an

A week in security (September 25 - October 1)

Categories: News Tags: week Tags: security Tags: September Tags: 2023 Tags: dependabot Tags: bard Tags: bing A list of topics we covered in the week of September 25 to October 1 of 2023 (Read more...) The post A week in security (September 25 - October 1) appeared first on Malwarebytes Labs.

Apple, Microsoft, and Google Just Fixed Multiple Zero-Day Flaws

Plus: Mozilla patches 10 Firefox bugs, Cisco fixes a vulnerability with a rare maximum severity score, and SAP releases updates to stamp out three highly critical flaws.

Iranian APT Group OilRig Using New Menorah Malware for Covert Operations

Sophisticated cyber actors backed by Iran known as OilRig have been linked to a spear-phishing campaign that infects victims with a new strain of malware called Menorah. "The malware was designed for cyberespionage, capable of identifying the machine, reading and uploading files from the machine, and downloading another file or malware," Trend Micro researchers Mohamed Fahmy and Mahmoud Zohdy