Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

CompleteFTP path traversal flaw allowed attackers to delete server files

Security issue fixed in version 22.1.1 of file transfer software

PortSwigger
Open in Source
#vulnerability#windows#git#auth
You Need a Password Manager. Here Are the Best Ones

Keep your logins locked down with our favorite apps for PC, Mac, Android, iPhone, and web browsers.

CVE-2022-22334: Security Bulletin: IBM Robotic Process Automation is vulnerable to an information disclosure (CVE-2022-22334)

IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a user to access information from a tenant of which they should not have access. IBM X-Force ID: 219391.

CVE-2022-22505: Security Bulletin: IBM Robotic Process Automation is vulnerable to exposure of tenant credentials (CVE-2022-22505)

IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 contains a vulnerability that could allow IBM tenant credentials to be exposed. IBM X-Force ID: 227288.

A week in security (July 25 - July 31)

Categories: A week in security Tags: backdoor Tags: blog recap Tags: bytedance Tags: cookies Tags: data breach Tags: Google Tags: linux Tags: microsoft Tags: ransomware Tags: SQL injection Tags: T-Mobile Tags: tiktok Tags: Uber Tags: week in security The most important and interesting computer security stories from the last week. (Read more...) The post A week in security (July 25 - July 31) appeared first on Malwarebytes Labs.

Apple Just Patched 37 iPhone Security Bugs

Plus: A Google Chrome patch licks the DevilsTongue spyware, Android’s kernel gets a tune-up, and Microsoft fixes 84 flaws.

911 (911.re) Proxy Service Shuts Down After Confirming Security Breach

By Waqas At the time of writing, the home page of 911 (911.re) Proxy Service was displaying a detailed message… This is a post from HackRead.com Read the original post: 911 (911.re) Proxy Service Shuts Down After Confirming Security Breach

Microsoft Links Raspberry Robin USB Worm to Russian Evil Corp Hackers

Microsoft on Friday disclosed a potential connection between the Raspberry Robin USB-based worm and an infamous Russian cybercrime group tracked as Evil Corp. The tech giant said it observed the FakeUpdates (aka SocGholish) malware being delivered via existing Raspberry Robin infections on July 26, 2022. Raspberry Robin, also called QNAP Worm, is known to spread from a compromised system via

North Korean Hackers Using Malicious Browser Extension to Spy on Email Accounts

A threat actor operating with interests aligned with North Korea has been deploying a malicious extension on Chromium-based web browsers that's capable of stealing email content from Gmail and AOL. Cybersecurity firm Volexity attributed the malware to an activity cluster it calls SharpTongue, which is said to share overlaps with an adversarial collective publicly referred to under the name

CVE-2022-35234: Security Bulletin: Trend Micro Maximum Security Out-Of-Bounds Read Information Disclosure Vulnerability

Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure Vulnerability that could allow an attacker to read sensitive information from other memory locations and cause a crash on an affected machine.