CVE-2022-34221
via "National Vulnerability Database".
Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Access of Resource Using Incompatible Type ('Type Confusion') vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-34223
via "National Vulnerability Database".
Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-34248
via "National Vulnerability Database".
Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-34245
via "National Vulnerability Database".
Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-34219
via "National Vulnerability Database".
Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-34228
via "National Vulnerability Database".
Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-34236
via "National Vulnerability Database".
Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-34244
via "National Vulnerability Database".
Adobe Photoshop versions 22.5.7 (and earlier) and 23.3.2 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Netwrix Auditor Bug Could Lead to Active Directory Domain Compromise
via "Dark Reading".
IT asset tracker and auditor software has a critical issue with insecure object deserialization that could allow threat actors to execute code, researchers say.
Microsoft unveils wide-scale phishing campaign that circumvents MFA
via "ITPro".
More than 10,000 organisations have been targeted using the convincing adversary-in-the-middle attack method
What is zero trust?
via "ITPro".
How a zero trust security strategy better protects your business from internal and external attackers
Bandai Namco finally confirms massive cyber attack as ransomware outfit claims responsibility
via "ITPro".
AlphV/BlackCat claims "data is coming soon" to its deep web blog in a suspected double-extortion ransomware attack
Chinese authorities summon Alibaba executives over data breach
via "ITPro".
An unknown attacker stole the data of over a billion citizens from a police database, in one of the largest breaches recorded in history
BAE Systems lands $699 million US army HPC contract
via "ITPro".
Defense giant will operate and maintain the military's high performance computing systems until
The psychology of secure passwords
via "ITPro".
The tricks for overcoming poor security hygiene like weak passwords and password reuse
Retbleed hardware-level flaw brings overhead woe to Intel and AMD
via "ITPro".
'Retbleed' threatens a wide range of microprocessors, using a vector thought safe that adds to its problematic nature
Microsoft makes Windows Autopatch generally available to enterprise users
via "ITPro".
First announced in April, the feature has been met with confusion from the industry
What is threat hunting?
via "ITPro".
Although most threats can be dealt with automatically, the tougher ones require a bit more investigation
FTC fires warning against sensitive data misuse
via "ITPro".
The agency has responded to fears around biometric data breaches, including those relating to abortion services
Deloitte launches Zero Trust Access for enterprises
via "ITPro".
The managed security service protects applications regardless of their location or type
Australian university suffers data breach of 47,000 students
via "ITPro".
The attacker also launched a smishing attempt while inside the university's systems