Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

When Your Smart ID Card Reader Comes With Malware

Millions of U.S. government employees and contractors have been issued a secure smart ID card that enables physical access to buildings and controlled spaces, and provides access to government computer networks and systems at the cardholder's appropriate security level. But many government employees aren't issued an approved card reader device that lets them use these cards at home or remotely, and so turn to low-cost readers they find online. What could go wrong? Here's one example.

Krebs on Security
Open in Source
#vulnerability#web#mac#windows#amazon#linux#git#perl#pdf#auth#blog
Update now! Apple patches zero-day vulnerability affecting Macs, Apple Watch, and Apple TV

If you're an Apple user, make sure you patch for CVE-2022-22675, a zero-day flaw actively exported in the wild. The post Update now! Apple patches zero-day vulnerability affecting Macs, Apple Watch, and Apple TV appeared first on Malwarebytes Labs.

CVE-2022-30688: security - CVE-2022-30688: needrestart 0.8+ local privilege escalation

needrestart 0.8 through 3.5 before 3.6 is prone to local privilege escalation. Regexes to detect the Perl, Python, and Ruby interpreters are not anchored, allowing a local user to escalate privileges when needrestart tries to detect if interpreters are using old source files.

Apple Security Advisory 2022-05-16-8

Apple Security Advisory 2022-05-16-8 - Xcode 13.4 addresses a logic issue and a privilege escalation issue.

Trojan-Ransom.Thanos MVID-2022-0607 Code Execution

Thanos ransomware looks for and executes DLLs in its current directory. Therefore, we can potentially hijack a DLL to execute our own code and control and terminate the malware pre-encryption. The exploit DLL will check if the current directory is "C:\Windows\System32" and if not we grab our process ID and terminate. We do not need to rely on hash signatures or third-party products as the malware's own flaw will do the work for us. Endpoint protection systems and or antivirus can potentially be killed prior to executing malware, but this method cannot as there is nothing to kill the DLL that just lives on disk waiting. From a defensive perspective you can add the DLLs to a specific network share containing important data as a layered approach. All basic tests were conducted successfully in a virtual machine environment.

CVE-2022-30067: GIMP 2.10.30 crashed when allocate large memory (#8120) · Issues · GNOME / GIMP

GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate for a huge amount of memory, resulting in insufficient memory or program crash.

CVE-2022-22475: Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to Identity Spoofing (CVE-2022-22475)

IBM WebSphere Application Server Liberty and Open Liberty 17.0.0.3 through 22.0.0.5 are vulnerable to identity spoofing by an authenticated user. IBM X-Force ID: 225603.

Showdoc 2.10.3 Cross Site Scripting

Showdoc versions 2.10.3 and below suffer from a persistent cross site scripting vulnerability.

Apple Security Advisory 2022-05-16-7

Apple Security Advisory 2022-05-16-7 - Safari 15.5 addresses code execution and use-after-free vulnerabilities.