Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

Ducktail Cyberattackers Add WhatsApp to Facebook Business Attack Chain

The Vietnam-based financial cybercrime operation's primary goal is to push out fraudulent ads via compromised business accounts.

DARKReading
Open in Source
#mac#git#intel#auth#sap
CVE-2022-3500: Fix proper exception handling and impedance match in `tornado_requests` by galmasi · Pull Request #1128 · keylime/keylime

A vulnerability was found in keylime. This security issue happens in some circumstances, due to some improperly handled exceptions, there exists the possibility that a rogue agent could create errors on the verifier that stopped attestation attempts for that host leaving it in an attested state but not verifying that anymore.

DraftKings Account Takeovers Frame Sports-Betting Cybersecurity Dilemma

Cybercrooks have drained DraftKings accounts of $300K in the past few days thanks to credential stuffing, just as the 2022 FIFA World Cup starts up.

CVE-2022-41950: Privilege Escalation Vulnerability by wrong chmod param

super-xray is the GUI alternative for vulnerability scanning tool xray. In 0.2-beta, a privilege escalation vulnerability was discovered. This caused inaccurate default xray permissions. Note: this vulnerability only affects Linux and Mac OS systems. Users should upgrade to super-xray 0.3-beta.

This Malware Installs Malicious Browser Extensions to Steal Users' Passwords and Cryptos

A malicious extension for Chromium-based web browsers has been observed to be distributed via a long-standing Windows information stealer called ViperSoftX. Czech-based cybersecurity company dubbed the rogue browser add-on VenomSoftX owing to its standalone features that enable it to access website visits, steal credentials and clipboard data, and even swap cryptocurrency addresses via an

RHSA-2022:8598: Red Hat Security Advisory: Red Hat Virtualization Host security update [ovirt-4.5.3-1]

An update for redhat-release-virtualization-host, redhat-virtualization-host, and redhat-virtualization-host-productimg is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3515: libksba: integer overflow may lead to remote code execution * CVE-2022-38177: bind: memory leak in ECDSA DNSSEC verification code * CVE-2022-38178: bind: memory leaks in EdDSA DNSSEC verification code * CVE-2022-40674: ex...

CVE-2022-44200: IoT_vuln/Netgear/R7000P/17 at main · RobinWang825/IoT_vuln

Netgear R7000P V1.3.0.8, V1.3.1.64 is vulnerable to Buffer Overflow via parameters: stamode_dns1_pri and stamode_dns1_sec.

CVE-2022-44190: IoT_vuln/Netgear/R7000P/6 at main · RobinWang825/IoT_vuln

Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter enable_band_steering.

CVE-2022-44191: IoT_vuln/Netgear/R7000P/8 at main · RobinWang825/IoT_vuln

Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameters KEY1 and KEY2.

CybeReady Releases Five Easy Tips to Shop Safely During Black Friday

Safe shopping guidance coupled with new CISO tool to help safeguard personal data and corporate networks.