Security
Headlines
HeadlinesLatestCVEs

Tag

#sap

Threat Roundup for September 30 to October 7

Talos is publishing a glimpse into the most prevalent threats we've observed between Sept. 30 and Oct. 7.

TALOS
Open in Source
#vulnerability#web#ios#mac#windows#google#microsoft#js#git#samba#ssh#sap#ssl
The Uber Data Breach Conviction Shows Security Execs What Not to Do

Former Uber security chief Joe Sullivan’s conviction is a rare criminal consequence for an executive’s handling of a hack.

Patch Now: Fortinet FortiGate & FortiProxy Contain Critical Vuln

The bug is under active exploitation; Fortinet issued a customer advisory urging customers to apply its update immediately.

Red Hat Security Advisory 2022-6833-01

Red Hat Security Advisory 2022-6833-01 - Expat is a C library for parsing XML documents. Issues addressed include a use-after-free vulnerability.

Meta accuses apps of stealing WhatsApp accounts

Categories: News Tags: Meta Tags: WhatsApp Tags: apps Tags: mobile Tags: android Tags: device Tags: account Tags: credentials Tags: spam Meta is suing developers for multiple credential-stealing apps found on Google Play and elsewhere. (Read more...) The post Meta accuses apps of stealing WhatsApp accounts appeared first on Malwarebytes Labs.

Meta Says It Has Busted More Than 400 Login-Stealing Apps This Year

The company plans to alert 1 million Facebook users that their account credentials may have been compromised by malicious software.

CVE-2022-2975: ASA-2022-123

A vulnerability related to weak permissions was detected in Avaya Aura Application Enablement Services web application, allowing an administrative user to modify accounts leading to execution of arbitrary code as the root user. This issue affects Application Enablement Services versions 8.0.0.0 through 8.1.3.4 and 10.1.0.0 through 10.1.0.1. Versions prior to 8.0.0.0 are end of manufacturing support and were not evaluated.

RHSA-2022:6839: Red Hat Security Advisory: squid security update

An update for squid is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41318: squid: buffer-over-read in SSPI and SMB authentication

RHSA-2022:6838: Red Hat Security Advisory: expat security update

An update for expat is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-40674: expat: a use-after-free in the doContent function in xmlparse.c