Lucene search
K

148 matches found

The Hacker News
The Hacker News
added 2023/02/20 5:50 a.m.44 views

Samsung Introduces New Feature to Protect Users from Zero-Click Malware Attacks

Samsung has announced a new feature called Message Guard that comes with safeguards to protect users from malware and spyware via what's referred to as zero-click attacks. The South Korean chaebol said the solution "preemptively" secures users' devices by "limiting exposure to invisible threats...

0.3AI score
Exploits0
The Hacker News
The Hacker News
added 2022/12/20 5:52 a.m.56 views

Microsoft Details Gatekeeper Bypass Vulnerability in Apple macOS Systems

Microsoft has disclosed details of a now-patched security flaw in Apple macOS that could be exploited by an attacker to get around security protections imposed to prevent the execution of malicious applications. The shortcoming, dubbed Achilles CVE-2022-42821, CVSS score: 5.5, was addressed by th...

5.5CVSS0.7AI score0.03897EPSS
Exploits0
Microsoft Secure
Microsoft Secure
added 2022/12/19 6:0 p.m.100 views

Gatekeeper’s Achilles heel: Unearthing a macOS vulnerability

On July 27, 2022, Microsoft discovered a vulnerability in macOS that can allow attackers to bypass application execution restrictions imposed by Apple’s Gatekeeper security mechanism, designed to ensure only trusted apps run on Mac devices. We developed a proof-of-concept exploit to demonstrate t...

5CVSS6AI score0.68531EPSS
Exploits13
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/12/19 6:0 p.m.97 views

Gatekeeper’s Achilles heel: Unearthing a macOS vulnerability

On July 27, 2022, Microsoft discovered a vulnerability in macOS that can allow attackers to bypass application execution restrictions imposed by Apple’s Gatekeeper security mechanism, designed to ensure only trusted apps run on Mac devices. We developed a proof-of-concept exploit to demonstrate t...

5CVSS6AI score0.68531EPSS
Exploits13
RedHat Linux
RedHat Linux
added 2022/11/15 11:38 a.m.7 views

kernel: possible to use the debugger to write zero into a location of choice

A flaw was found in the kernel/debug/debugcore.c in the Linux kernel in lockdown mode. This flaw allows an attacker with local access to trigger the debugger, bypass lockdown and write anonymously...

6.7CVSS6.5AI score0.00612EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/11/08 9:32 a.m.7 views

kernel: possible to use the debugger to write zero into a location of choice

A flaw was found in the kernel/debug/debugcore.c in the Linux kernel in lockdown mode. This flaw allows an attacker with local access to trigger the debugger, bypass lockdown and write anonymously...

6.7CVSS6.5AI score0.00612EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/11/08 9:25 a.m.4 views

kernel: possible to use the debugger to write zero into a location of choice

A flaw was found in the kernel/debug/debugcore.c in the Linux kernel in lockdown mode. This flaw allows an attacker with local access to trigger the debugger, bypass lockdown and write anonymously...

6.7CVSS6.5AI score0.00612EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2022/10/20 12:0 a.m.24 views

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2022-9927)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9927 advisory. - afkey: Do not call xfrmprobealgs in parallel Herbert Xu Orabug: 34566752 CVE-2022-3028 Tenable has extracted the preceding description block...

7CVSS6.8AI score0.00612EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/10/10 12:0 a.m.42 views

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2022-9870)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9870 advisory. - afkey: Do not call xfrmprobealgs in parallel Herbert Xu Orabug: 34566753 CVE-2022-3028 - lockdown: also lock down previous kgdb use Daniel Thompson...

7CVSS6.8AI score0.00612EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/10/10 12:0 a.m.20 views

Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2022-9871)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-9871 advisory. - afkey: Do not call xfrmprobealgs in parallel Herbert Xu Orabug: 34566753 CVE-2022-3028 - lockdown: also lock down previous kgdb use Daniel Thompson...

7CVSS6.8AI score0.00612EPSS
Exploits0References3
Malwarebytes
Malwarebytes
added 2022/09/15 10:30 a.m.22 views

Here are the new security and privacy features of iOS 16

On Monday, September 12, Apple released iOS 16, which included a host of new security and privacy features. Let's look at what these are--and some quality-of-life QoL changes. Lockdown Mode As Macrumors calls it, Lockdown Mode is an "extreme" security setting ideal for those who regularly find...

6.4AI score
Exploits0
Krebs on Security
Krebs on Security
added 2022/09/14 12:23 a.m.81 views

Wormable Flaw, 0days Lead Sept. 2022 Patch Tuesday

This months Patch Tuesday offers a little something for everyone, including security updates for a zero-day flaw in Microsoft Windows that is under active attack, and another Windows weakness experts say could be used to power a fast-spreading computer worm. Also, Apple has also quashed a pair of...

5CVSS1AI score0.75711EPSS
Exploits9
The Hacker News
The Hacker News
added 2022/09/13 3:36 a.m.117 views

Apple Releases iOS and macOS Updates to Patch Actively Exploited Zero-Day Flaw

Apple has released another round of security updates to address multiple vulnerabilities in iOS and macOS, including a new zero-day flaw that has been used in attacks in the wild. The issue, assigned the identifier CVE-2022-32917, is rooted in the Kernel component and could enable a malicious app...

10CVSS1.1AI score0.16342EPSS
Exploits0
Wired Threat Level
Wired Threat Level
added 2022/09/12 11:0 a.m.15 views

iOS 16 Has 2 New Security Features for Worst-Case Scenarios

Safety Check and Lockdown Mode give people in vulnerable situations ways to quarantine themselves from acute risks...

2.3AI score
Exploits0
Talos Blog
Talos Blog
added 2022/08/18 6:0 p.m.16 views

Threat Source newsletter (Aug. 18, 2022) — Why aren't Lockdown modes the default setting on phones?

By Jon Munshaw. Welcome to this week’s edition of the Threat Source newsletter. As the data privacy landscape gets increasingly murky, app developers and device manufacturers are finding new ways to sure up users’ personal information. Of course, all users have to do is go out of their way to...

8.1AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2022/08/15 12:0 a.m.6 views

The vulnerability in the implementation of the Lockdown Mode mechanism for Linux operating systems allows a hacker to circumvent security restrictions.

The vulnerability in the implementation of the Lockdown Mode for Linux operating system kernels is related to the insecure handling of privileges during the loading of debugging tools KGDB and KDB. Exploiting this vulnerability can allow an attacker to circumvent security restrictions...

6.8CVSS6.4AI score0.00612EPSS
Exploits0References28Affected Software7
Cvelist
Cvelist
added 2022/08/11 3:29 p.m.25 views

CVE-2022-20336

In Settings, there is a possible installed application disclosure due to a missing permission check. This could lead to local information disclosure of applications allow-listed to use the network during VPN lockdown mode with no additional execution privileges needed. User interaction is not...

4.9AI score0.00089EPSS
Exploits0References1
Wired Threat Level
Wired Threat Level
added 2022/08/07 11:0 a.m.14 views

How to Use Lockdown Mode in iOS 16 to Make Your Phone More Secure

Whether you want to turn off link previews or block unwanted FaceTime calls, here's what you need to know...

2.2AI score
Exploits0
Schneier on Security
Schneier on Security
added 2022/07/26 12:57 p.m.15 views

Apple’s Lockdown Mode

I havent written about Apples Lockdown Mode yet, mostly because I havent delved into the details. This is how Apple describes it: Lockdown Mode offers an extreme, optional level of security for the very few users who, because of who they are or what they do, may be personally targeted by some of...

1.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/07/22 12:0 a.m.31 views

SUSE SLES12 Security Update : kernel (Live Patch 22 for SLE 12 SP4) (SUSE-SU-2022:2446-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2446-1 advisory. - A race condition was found the Linux kernel in perfeventopen which can be exploited by an unprivileged user to gain root privileges. The bug...

7CVSS7.1AI score0.00612EPSS
Exploits0References10
Rows per page
Query Builder