π’ 1.1 million Tesla cars recalled over software glitch π’
π Read
via "ITPro".
The mass recall is prompted by a flaw in the vehicles' automatic window reversal systemπ Read
via "ITPro".
IT PRO
1.1 million Tesla cars recalled over software glitch | IT PRO
The mass recall is prompted by a flaw in the vehicles' automatic window reversal system
π’ Fancy Bear hackers exploit PowerPoint files to spread Graphite malware π’
π Read
via "ITPro".
The ongoing attack reportedly targets entities in the defense and government sectors of the European Union and Eastern European nationsπ Read
via "ITPro".
IT PRO
Fancy Bear hackers exploit PowerPoint files to spread Graphite malware | IT PRO
The ongoing attack reportedly targets entities in the defense and government sectors of the European Union and Eastern European nations
π’ TikTok considers changes to data policies amid rising security concerns π’
π Read
via "ITPro".
The ByteDance-owned app also faces a potential Β£27m fine over privacy violationsπ Read
via "ITPro".
IT PRO
TikTok considers changes to data policies amid rising security concerns | IT PRO
The ByteDance-owned app also faces a potential Β£27m fine over privacy violations
π’ Mozilla patches high-severity security flaws in new βspeedyβ Firefox release π’
π Read
via "ITPro".
Numerous vulnerabilities across Mozilla's products could potentially lead to code execution and system takeoverπ Read
via "ITPro".
IT PRO
Mozilla patches high-severity security flaws in new βspeedyβ Firefox release | IT PRO
Numerous vulnerabilities across Mozilla's products could potentially lead to code execution and system takeover
π’ Cloudflare unveils first zero trust SIM for mobile devices π’
π Read
via "ITPro".
New wireless carrier program will also let carriers integrate Zero Trust security into existing corporate plansπ Read
via "ITPro".
IT PRO
Cloudflare unveils first zero trust SIM for mobile devices | IT PRO
New wireless carrier program will also let carriers integrate Zero Trust security into existing corporate plans
π’ GitHub alerts users to active phishing campaign π’
π Read
via "ITPro".
The attack revolves around counterfeit CircleCI notifications urging users to accept updated terms of use and privacy policyπ Read
via "ITPro".
IT PRO
GitHub alerts users to active phishing campaign | IT PRO
The attack revolves around counterfeit CircleCI notifications urging users to accept updated terms of use and privacy policy
π’ 35 cyber startups join largest UK government-backed accelerator π’
π Read
via "ITPro".
The startups will benefit from business masterclasses, mentoring and engineering support, and technical product development supportπ Read
via "ITPro".
IT PRO
35 cyber startups join largest UK government-backed accelerator | IT PRO
The startups will benefit from business masterclasses, mentoring and engineering support, and technical product development support
π’ GoTo Resolve Basic review: An SMB-friendly remote support service π’
π Read
via "ITPro".
This good-value hosted remote support service is ideal for SMBs that demand zero-trust access securityπ Read
via "ITPro".
IT PRO
GoTo Resolve Basic review: An SMB-friendly remote support service | IT PRO
This good-value hosted remote support service is ideal for SMBs that demand zero-trust access security
βΌ CVE-2022-32168 βΌ
π Read
via "National Vulnerability Database".
Notepad++ versions 8.4.1 and before are vulnerable to DLL hijacking where an attacker can replace the vulnerable dll (UxTheme.dll) with his own dll and run arbitrary code in the context of Notepad++.π Read
via "National Vulnerability Database".
βΌ CVE-2022-3333 βΌ
π Read
via "National Vulnerability Database".
A vulnerability, which was classified as problematic, was found in Zephyr Project Manager up to 3.2.4. Affected is an unknown function of the file /v1/tasks/create/ of the component REST Call Handler. The manipulation of the argument onanimationstart leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 3.2.5 is able to address this issue. It is recommended to upgrade the affected component. VDB-209370 is the identifier assigned to this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2022-3332 βΌ
π Read
via "National Vulnerability Database".
A vulnerability classified as critical has been found in SourceCodester Food Ordering Management System. This affects an unknown part of the file router.php of the component POST Parameter Handler. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-209583.π Read
via "National Vulnerability Database".
βΌ CVE-2022-3348 βΌ
π Read
via "National Vulnerability Database".
Just like in the previous report, an attacker could steal the account of different users. But in this case, it's a little bit more specific, because it is needed to be an editor in the same app as the victim.π Read
via "National Vulnerability Database".
β WhatsApp βzero-day exploitβ news scare β what you need to know β
π Read
via "Naked Security".
Is WhatsApp currently under active attack by cyercriminals? Is this a clear and current danger? How worried should WhatsApp users be?π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
π΄ Jamf Announces Intent to Acquire ZecOps, to Provide a Market-Leading Security Solution for Mobile Devices as Targeted Attacks Continue to Grow π΄
π Read
via "Dark Reading".
ZecOps extends Jamf's mobile security capabilities by adding advanced detections and incident response.π Read
via "Dark Reading".
Dark Reading
Jamf Announces Intent to Acquire ZecOps, to Provide a Market-Leading Security Solution for Mobile Devices as Targeted Attacks Continueβ¦
ZecOps extends Jamf's mobile security capabilities by adding advanced detections and incident response.
β Optus breach β Aussie telco told it will have to pay to replace IDs β
π Read
via "Naked Security".
Licence compromised? Passport number burned? Need a new one? Who's going to pay?π Read
via "Naked Security".
Naked Security
Optus breach β Aussie telco told it will have to pay to replace IDs
Licence compromised? Passport number burned? Need a new one? Whoβs going to pay?
βΌ CVE-2022-40486 βΌ
π Read
via "National Vulnerability Database".
TP Link Archer AX10 V1 Firmware Version 1.3.1 Build 20220401 Rel. 57450(5553) was discovered to allow authenticated attackers to execute arbitrary code via a crafted backup file.π Read
via "National Vulnerability Database".
βΌ CVE-2022-3349 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in Sony PS4 and PS5. It has been classified as critical. This affects the function UVFAT_readupcasetable of the component exFAT Handler. The manipulation of the argument dataLength leads to heap-based buffer overflow. It is possible to launch the attack on the physical device. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-209679.π Read
via "National Vulnerability Database".
βΌ CVE-2022-2760 βΌ
π Read
via "National Vulnerability Database".
In affected versions of Octopus Deploy it is possible to reveal the Space ID of spaces that the user does not have access to view in an error message when a resource is part of another Space.π Read
via "National Vulnerability Database".
ποΈ Rancher stored secrets in plaintext, exposed Kubernetes clusters to takeover ποΈ
π Read
via "The Daily Swig".
Maintainers patch vulnerability and offer mitigation advice over bug that affects all Kubernetes objectsπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Rancher stored sensitive values in plaintext, exposed Kubernetes clusters to takeover
Maintainers patch vulnerability and offer mitigation advice over bug that affects Rancher-owned objects
π΄ Illumio Introduces New Solution to Stop Endpoint Ransomware from Spreading Across the Hybrid Attack Surface π΄
π Read
via "Dark Reading".
Illumio Endpoint extends zero trust segmentation to see risk and set policy across macOS and Windows devices.π Read
via "Dark Reading".
Dark Reading
Illumio Introduces New Solution to Stop Endpoint Ransomware from Spreading Across the Hybrid Attack Surface
Illumio Endpoint extends zero trust segmentation to see risk and set policy across macOS and Windows devices.
ποΈ Vulnerability in Apache Pulsar allowed manipulator-in-the-middle attacks ποΈ
π Read
via "The Daily Swig".
Clients vulnerable due to improper certificate validationπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Vulnerability in Apache Pulsar allowed manipulator-in-the-middle attacks
Clients vulnerable due to improper certificate validation