#mac

Security defenders working for large venues and international events need to be able to move at machine speed because they have a limited time to detect and recover from attacks. The show must go on, always.

When analyzing the Verbatim Executive Fingerprint Secure SSD, Matthias Deeg found out it uses an insecure design which allows retrieving the currently used password and thus the ability to unlock and access the stored data in an unauthorized way.

In some scenarios, CSS style specifications can be manipulated to cause browsers to send data to an attacker-controlled server

Microsoft's legacy browser may be dead—but its remnants are not going anywhere, and neither are its lingering security risks.

A security flaw in Apple Safari that was exploited in the wild earlier this year was originally fixed in 2013 and reintroduced in December 2016, according to a new report from Google Project Zero. The issue, tracked as CVE-2022-22620 (CVSS score: 8.8), concerns a case of a use-after-free vulnerability in the WebKit component that could be exploited by a piece of specially crafted web content to

NHI’s health insurance web service component has insufficient validation for input string length, which can result in heap-based buffer overflow attack. A remote attacker can exploit this vulnerability to flood the memory space reserved for the program, in order to terminate service without authentication, which requires a system restart to recover service.

This week on Lock and Code, we speak with Kim Lewandowski about what steps we can take to secure the software supply chain. The post Securing the software supply chain, with Kim Lewandowski: Lock and Code S03E13 appeared first on Malwarebytes Labs.

Red Hat Security Advisory 2022-5002-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include buffer overflow, integer overflow, and memory leak vulnerabilities.

Red Hat Security Advisory 2022-4994-01 - XZ Utils is an integrated collection of user-space file compression utilities based on the Lempel-Ziv-Markov chain algorithm, which performs lossless data compression. The algorithm provides a high compression ratio while keeping the decompression time short.

Red Hat Security Advisory 2022-5026-01 - This advisory contains the following OpenShift Virtualization 4.10.2 images: RHEL-8-CNV-4.10. Issues addressed include a denial of service vulnerability.