Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

What to Patch Now: Actively Exploited Windows Zero-Day Threatens Domain Controllers

Microsoft's May 2022 Patch Tuesday contains several bugs in ubiquitous software that could affect millions of machines, researchers warn.

DARKReading
Open in Source
#vulnerability#mac#windows#microsoft#amazon#linux#dos#rce#ldap#log4j#auth#zero_day#chrome
Malicious Open Source: the cost of using someone else’s code

Hello everyone! This video was recorded for the VMconf 22 Vulnerability Management conference, vmconf.pw. I will be talking about malicious open source and the cost of using someone else’s code. Alternative video link (for Russia): https://vk.com/video-149273431_456239086Video in Russian from CISO Forum 2022: https://youtu.be/LPXg-MEamVA To be honest, at the beginning of the year I did not […]

APT34 targets Jordan Government using new Saitama backdoor

On April 26th, we identified a suspicious email that targeted a government official from Jordan’s foreign ministry. The email contained a malicious Excel document that drops a new backdoor named Saitama. Following our investigation, we were able to attribute this attack to the known Iranian Actor APT34. Also known as OilRig/COBALT GYPSY/IRN2/HELIX KITTEN, APT34 is... The post APT34 targets Jordan Government using new Saitama backdoor appeared first on Malwarebytes Labs.

CVE-2022-29397: IoT-vuln/Totolink/4.setMacFilterRules at main · d1tto/IoT-vuln

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004196c8.

CVE-2022-29397: IoT-vuln/Totolink/4.setMacFilterRules at main · d1tto/IoT-vuln

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004196c8.

CVE-2022-29394: IoT-vuln/Totolink/1.setWiFiAclAddConfig at main · d1tto/IoT-vuln

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the macAddress parameter in the function FUN_0041b448.

CVE-2022-29394: IoT-vuln/Totolink/1.setWiFiAclAddConfig at main · d1tto/IoT-vuln

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the macAddress parameter in the function FUN_0041b448.

CVE-2022-29391: IoT-vuln/Totolink/5.setStaticDhcpConfig at main · d1tto/IoT-vuln

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004200c8.

CVE-2022-29391: IoT-vuln/Totolink/5.setStaticDhcpConfig at main · d1tto/IoT-vuln

TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004200c8.

Microsoft Patch Tuesday for May 2022 — Snort rules and prominent vulnerabilities

By Jon Munshaw, with contributions from Jaeson Schultz.  Microsoft returned to its normal monthly patching volume in May, disclosing and fixing 74 vulnerabilities as part of the company’s latest security update. This month’s Patch Tuesday includes seven critical vulnerabilities after Microsoft... [[ This is only the beginning! Please visit the blog for the complete entry ]]