Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

Google Fixes 24 Vulnerabilities With New Chrome Update

But one issue that lets websites overwrite content on a user's system clipboard appears unfixed in the new Version 105 of Chrome.

DARKReading
Open in Source
#sql#vulnerability#web#android#mac#windows#google#microsoft#linux#dos#git#buffer_overflow#chrome#firefox
Crypto-Crooks Spread Trojanized Google Translate App in Watering-Hole Attack

The ongoing campaign is spreading worldwide, using the lure of a fully functional Google Translate application for desktops that has helped the threat stay undetected for months.

Hackers spreading malware through images taken by James Webb Space Telescope

By Waqas Researchers have identified a new Golang-based malware campaign leveraging deep field images from the James Webb Space Telescope to deploy malware on infected devices. This is a post from HackRead.com Read the original post: Hackers spreading malware through images taken by James Webb Space Telescope

Red Hat Security Advisory 2022-6243-01

Red Hat Security Advisory 2022-6243-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an information leakage vulnerability.

CVE-2022-2590: security - CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions

A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only shared memory mappings. This flaw allows an unprivileged, local user to gain write access to read-only memory mappings, increasing their privileges on the system.

CVE-2022-1263: security - Linux kernel: x86/kvm: null-ptr-deref in kvm_dirty_ring_push

A NULL pointer dereference issue was found in KVM when releasing a vCPU with dirty ring support enabled. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service.

CVE-2022-1325: Denial of service via RAM exhaustion in _load_bmp · Issue #343 · GreycLab/CImg

A flaw was found in Clmg, where with the help of a maliciously crafted pandore or bmp file with modified dx and dy header field values it is possible to trick the application into allocating huge buffer sizes like 64 Gigabyte upon reading the file from disk or from a virtual buffer.

CVE-2022-1205: security - CVE-2022-1205 kernel: Null pointer dereference and use-after-free in net/ax25/ax25_timer.c

A NULL pointer dereference flaw was found in the Linux kernel’s Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system.

James Webb telescope images used to hide malware

Categories: News Categories: Threats Tags: Msdllupdate.exe Tags: macros Tags: James Webb Tags: certutil Tags: Golang Tags: base64 Tags: steganography Tags: OxB36F8GEEC634.jpg In a recent malware campaign, images from the James Webb telescope were used to hide malware. (Read more...) The post James Webb telescope images used to hide malware appeared first on Malwarebytes Labs.

The Inevitability of Cloud Breaches: Tales of Real-World Cloud Attacks

While cloud breaches are going to happen, that doesn't mean we can't do anything about them. By better understanding cloud attacks, organizations can better prepare for them. (First of two parts.)