Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

5 things to teach your kids about social media

Categories: Personal Tags: school Tags: back to school Tags: social media Tags: twitter Tags: facebook Tags: instagram Tags: tik-tok Tags: sharing Tags: safety Tags: kids Tags: adults Tags: parents Tags: children Tags: teens Tags: teen Tags: teenagers We have some suggestions for helping your kids keep themselves safe on social media as they head back into school. (Read more...) The post 5 things to teach your kids about social media appeared first on Malwarebytes Labs.

Malwarebytes
#web#ios#mac#git#auth#ssl
Tax refund phish logs keystrokes to swipe personal details

Categories: News Tags: tax refund Tags: phish Tags: phishing Tags: scam Tags: greece Tags: greek Tags: javascript Tags: keylogger The phishing mails rely on that time-honoured tradition of bogus tax returns and non-existent refunds. (Read more...) The post Tax refund phish logs keystrokes to swipe personal details appeared first on Malwarebytes Labs.

Shadowy Russian Cell Phone Companies Are Cropping Up in Ukraine

But as Ukrainians retake ground, some of the firms are erasing their online presence.

Microsoft Brings Zero Trust to Hardware in Windows 11

A stacked combination of hardware and software protects the next version of Windows against the latest generation of firmware threats.

CVE-2022-32912: About the security content of Safari 16

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2022-32917: About the security content of macOS Big Sur 11.7

The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited..

CVE-2022-37884

A vulnerability exists in the ClearPass Policy Manager Guest User Interface that can allow an unauthenticated attacker to send specific operations which result in a Denial-of-Service condition. A successful exploitation of this vulnerability results in the unavailability of the guest interface in Aruba ClearPass Policy Manager version(s): 6.10.x: 6.10.6 and below; 6.9.x: 6.9.11 and below. Aruba has released upgrades for Aruba ClearPass Policy Manager that address this security vulnerability.

2-Step Email Attack Uses Powtoon Video to Execute Payload

The attack uses hijacked Egress branding and the legit Powtoon video platform to steal user credentials.

Cast AI Introduces Cloud Security Insights for Kubernetes

The release augments the company's Kubernetes management platform with free, user-friendly insight on security postures, along with cost monitoring and observability.

CVE-2022-40262

A potential attacker can execute an arbitrary code at the time of the PEI phase and influence the subsequent boot stages. This can lead to the mitigations bypassing, physical memory contents disclosure, discovery of any secrets from any Virtual Machines (VMs) and bypassing memory isolation and confidential computing boundaries. Additionally, an attacker can build a payload which can be injected into the SMRAM memory. This issue affects: Module name: S3Resume2Pei SHA256: 7bb29f05534a8a1e010443213451425098faebd45948a4642db969b19d0253fc Module GUID: 89E549B0-7CFE-449D-9BA3-10D8B2312D71