Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

Unusual Microsoft 365 Phishing Campaign Spoofs eFax Via Compromised Dynamics Voice Account

In a widespread campaign, threat actors use a compromised Dynamics 365 Customer Voice business account and a link posing as a survey to steal Microsoft 365 credentials.

DARKReading
Open in Source
#mac#microsoft#git#intel#pdf
Nearly 3 Years Later, SolarWinds CISO Shares 3 Lessons From the Infamous Attack

SolarWinds CISO Tim Brown explains how organizations can prepare for eventualities like the nation-state attack on his company’s software.

Acronis' Midyear Cyberthreats Report Finds Ransomware Is the No. 1 Threat to Organizations, Projects Damages to Exceed $30 Billion by 2023

Increasing complexity in IT continues to lead to breaches and compromises, highlighting the need for more holistic approaches to cyber protection.

CVE-2022-36633: GitHub - gravitational/teleport: The easiest, most secure way to access infrastructure.

Teleport 9.3.6 is vulnerable to Command injection leading to Remote Code Execution. An attacker can craft a malicious ssh agent installation link by URL encoding a bash escape with carriage return line feed. This url encoded payload can be used in place of a token and sent to a user in a social engineering attack. This is fully unauthenticated attack utilizing the trusted teleport server to deliver the payload.

Ubuntu Security Notice USN-5578-1

Ubuntu Security Notice 5578-1 - It was discovered that Open VM Tools incorrectly handled certain requests. An attacker inside the guest could possibly use this issue to gain root privileges inside the virtual machine.

Red Hat Security Advisory 2022-6103-01

Red Hat Security Advisory 2022-6103-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.1.

CVE-2022-27812: SNS : risk of DOS on SNS firewall

Flooding SNS firewall 3.7.0 to 3.7.26 with udp or icmp randomizing the source through an internal to internal or external to internal interfaces will lead the firewall to overwork. It will consume 100% CPU, 100 RAM and won't be available and can crash.

How to secure a Mac for your kids

Categories: Explained Categories: Personal Tags: Mac Tags: Parental Controls Tags: Screen Time If you want to know how to secure your Mac so your kids can use it safely, we're here to help. (Read more...) The post How to secure a Mac for your kids appeared first on Malwarebytes Labs.

CVE-2022-25903: Snyk Vulnerability Database | Snyk

The package opcua from 0.0.0 are vulnerable to Denial of Service (DoS) via the ExtensionObjects and Variants objects, when it allows unlimited nesting levels, which could result in a stack overflow even if the message size is less than the maximum allowed.

CVE-2022-24375: Snyk Vulnerability Database | Snyk

The package node-opcua before 2.74.0 are vulnerable to Denial of Service (DoS) when bypassing the limitations for excessive memory consumption by sending multiple CloseSession requests with the deleteSubscription parameter equal to False.