Security
Headlines
HeadlinesLatestCVEs

Tag

#sap

23andMe Blames Users for Recent Data Breach as It's Hit With Dozens of Lawsuits

Plus: Russia hacks surveillance cameras as new details emerge of its attack on a Ukrainian telecom, a Google contractor pays for videos of kids to train AI, and more.

Wired
#android#mac#apple#google#amazon#git#sap
Microsoft disables ms-appinstaller after malicious use

Microsoft decided to disable App Installer links by default after it noticed several access brokers using the handler to spread malware.

Red Hat Security Advisory 2024-0030-03

Red Hat Security Advisory 2024-0030-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include buffer overflow and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-0028-03

Red Hat Security Advisory 2024-0028-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include buffer overflow and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-0023-03

Red Hat Security Advisory 2024-0023-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include buffer overflow and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-0017-03

Red Hat Security Advisory 2024-0017-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.

Red Hat Security Advisory 2024-0016-03

Red Hat Security Advisory 2024-0016-03 - An update for tigervnc is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.

Red Hat Security Advisory 2024-0021-03

Red Hat Security Advisory 2024-0021-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include buffer overflow and use-after-free vulnerabilities.

Google Fixes Nearly 100 Android Security Issues

Plus: Apple shuts down a Flipper Zero Attack, Microsoft patches more than 30 vulnerabilities, and more critical updates for the last month of 2023.

Microsoft Windows PowerShell Code Execution / Event Log Bypass

Prior work from this researcher disclosed how PowerShell executes unintended files or BASE64 code when processing specially crafted filenames. This research builds on their PSTrojanFile work, adding a PS command line single quote bypass and PS event logging failure. On Windows CL tab, completing a filename uses double quotes that can be leveraged to trigger arbitrary code execution. However, if the filename got wrapped in single quotes it failed, that is until now.