Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

CVE-2022-38105: TALOS-2022-1590 || Cisco Talos Intelligence Group

An information disclosure vulnerability exists in the cm_processREQ_NC opcode of Asus RT-AX82U 3.0.0.4.386_49674-ge182230 router's configuration service. A specially-crafted network packets can lead to a disclosure of sensitive information. An attacker can send a network request to trigger this vulnerability.

CVE
Open in Source
#vulnerability#mac#cisco#oracle#intel#asus#auth#wifi
2022 Year in Review: APTs Livestream Replay

Did you miss our livestream focused on the APT section in the Cisco Talos Year in Review report? Join host Mitch Neff and special guests Jacob Finn, Asheer Malhotra, and Vitor Ventura as they discuss Talos' findings and experiences tracking APTs in 2022.

Microsoft Patch Tuesday for January 2023 — Snort rules and prominent vulnerabilities

Microsoft released its monthly security update on Tuesday, disclosing 101 vulnerabilities. Of these vulnerabilities, 11 are classified as “Critical”, 89 are classified as “Important”, no vulnerability classified as “Moderate.”

CVE-2023-0162: Diff [2574013:2844012] for cpo-companion/trunk – WordPress Plugin Repository

The CPO Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several of its content type settings parameters in versions up to, and including, 1.0.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Increasing trust, commitment, and predictability during a remote incident response

In this blog post, Cisco Talos Incident Response (Talos IR) presents some of the key benefits of remote IR support and offers a list of recommendations for working on a remote incident.

Microsoft: Kinsing Targets Kubernetes via Containers, PostgreSQL

The cryptomining malware, which typically targets Linux, is exploiting weaknesses in an open source container tool for initial access to cloud environments.

65% of Organizations Plan to Adopt a Security Service Edge Platform in Next 2 Years: Axis Security

2023 Security Service Edge (SSE) Adoption Report finds that SSE technology addresses key pain points including much-needed solution consolidation, transition to hybrid work and need for hardened security.

Red Hat Security Advisory 2023-0045-01

Red Hat Security Advisory 2023-0045-01 - Virtual Network Computing is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. Issues addressed include out of bounds access and use-after-free vulnerabilities.

Online Food Ordering System 2.0 SQL Injection

Online Food Ordering System version 2.0 suffers from a remote SQL injection vulnerability.