Lucene search
K

389 matches found

Malwarebytes
Malwarebytes
added 2023/07/17 1:0 a.m.13 views

A week in security (July 10 - 16)

Last week on Malwarebytes Labs: Tax preparation firms shared sensitive information with Meta Ransomware making big money through "big game hunting" Malwarebytes stops 100% of Advanced Threats in latest AV-Test assessment From Malvertising to Ransomware: A ThreatDown webinar recap Ransomware revie...

7.5AI score
Exploits0
MSRC
MSRC
added 2023/07/14 9:0 a.m.20 views

What to expect when reporting vulnerabilities to Microsoft

At the Microsoft Security Response Center MSRC, our mission is to protect our customers, communities, and Microsoft from current and emerging threats to security and privacy. One way we achieve this is by working with security researchers to identify and fix security vulnerabilities in our servic...

7.3AI score
Exploits0
Krebs on Security
Krebs on Security
added 2023/07/11 10:55 p.m.82 views

Apple & Microsoft Patch Tuesday, July 2023 Edition

Microsoft Corp. today released software updates to quash 130 security bugs in its Windows operating systems and related software, including at least five flaws that are already seeing active exploitation. Meanwhile, Apple customers have their own zero-day woes again this month: On Monday, Apple...

6.8CVSS7.9AI score0.98998EPSS
Exploits8
Malwarebytes
Malwarebytes
added 2023/07/11 3:0 a.m.39 views

[Updated] Apple issues Rapid Security Response for zero-day vulnerability

Apple has issued an update for a vulnerability which it says may have been actively exploited. In the security content for Safari 16.5.2 we can learn that the vulnerability was found in the WebKit component which is Apples web rendering engine. In other words, WebKit is the browser engine that...

7.5AI score0.1895EPSS
Exploits0
The Hacker News
The Hacker News
added 2023/05/19 3:43 a.m.2 views

WebKit Under Attack: Apple Issues Emergency Patches for 3 New Zero-Day Vulnerabilities

Apple on Thursday rolled out security updates to iOS, iPadOS, macOS, tvOS, watchOS, and the Safari web browser to address dozens of flaws, including three new zero-days that it said are being actively exploited in the wild. The three security shortcomings are listed below - CVE-2023-32409 - A...

8.8CVSS7.5AI score0.27076EPSS
Exploits0
Wallarm Lab
Wallarm Lab
added 2023/05/16 1:58 p.m.71 views

ChatGPT: Friend or Foe? | API Security Newsletter

Welcome to our April API newsletter, recapping some of the events of last month. This month’s topic is Generative AI tools e.g., ChatGPT in cybersecurity. It – along with API Security – dominated the 2023 RSA Conference, and there’s plenty of digital ink being spilled on the topic. Be sure to wat...

7.5CVSS8.8AI score0.35604EPSS
Exploits14
Malwarebytes
Malwarebytes
added 2023/05/08 2:0 a.m.30 views

A week in security (May 1 - 7)

Last week on Malwarebytes Labs: How to protect your small business from social engineering Microsoft: You're already using the last version of Windows 10 Is it OK to train an AI on your images, without permission? Upcoming webinar: Is EDR or MDR better for your business? Google Authenticator WILL...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/05/05 5:15 p.m.17 views

Apple releases first Rapid Security Response update for iOS, iPadOS, and macOS users

On Monday, Apple released its first batch of Rapid Security Response RSR patches, iOS 16.4.1 a, iPadOS 16.4.1 a, and macOS 13.3.1 a, for iPhone and iPad, and macOS devices, respectively. RSR is a new type of software patch delivered between Apple's regular, scheduled software updates. Previously,...

6.9AI score
Exploits0
GithubExploit
GithubExploit
added 2023/04/05 2:5 a.m.575 views

Exploit for Untrusted Pointer Dereference in Microsoft

It is an exploit module targeting Apache HTTP Server. The target...

7.8CVSS8.6AI score0.65417EPSS
Exploits13
MSRC
MSRC
added 2023/02/08 6:12 p.m.29 views

New MSRC Blog Site

We are excited to announce the release of the new Microsoft Security Response Center MSRC blog site. Please visit msrc.microsoft.com/blog/starting February 9th, 2023, for all past and future MSRC blog content. In addition to the new URL, we have refreshed the site with a new look and improved sit...

0.6AI score
Exploits0
MSRC
MSRC
added 2023/02/08 8:0 a.m.13 views

New MSRC Blog Site

We are excited to announce the release of the new Microsoft Security Response Center MSRC blog site. Please visit msrc.microsoft.com/blog/ starting February 9th, 2023, for all past and future MSRC blog content. In addition to the new URL, we have refreshed the site with a new look and improved si...

6.8AI score
Exploits0
MSRC
MSRC
added 2023/02/08 8:0 a.m.13 views

New MSRC Blog Site

We are excited to announce the release of the new Microsoft Security Response Center MSRC blog site. Please visit msrc.microsoft.com/blog/ starting February 9th, 2023, for all past and future MSRC blog content. In addition to the new URL, we have refreshed the site with a new look and improved si...

0.3AI score
Exploits0
MSRC
MSRC
added 2023/02/07 12:24 a.m.39 views

BlueHat 2023: Connecting the security research community with Microsoft

We’re excited to welcome more than 400 members of the security research community from around the world to Redmond, Washington for BlueHat 2023. Hosted by the Microsoft Security Response Center MSRC, BlueHat is where the security research community, and Microsoft security professionals, come...

1.1AI score
Exploits0
0day.today
0day.today
added 2023/01/18 12:0 a.m.330 views

Citrix Workspace App For Linux 2212 Credential Leak Vulnerability

The Citrix Linux client emits its session credentials when starting a Citrix session. These credentials end up being recorded in the client's system log. Citrix does not consider this to be a security vulnerability. Citrix Workspace App for Linux versions 2212 is affected. Citrix Linux client...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/10/26 5:15 p.m.55 views

iPhone zero-day. Update your devices now!

It's time to update your Apple devices to ward off a zero-day threat discovered by an anonymous researcher. As is customary for Apple, the advisory revealing this attack is somewhat threadbare, and doesn't reveal a lot of information with regard to what's happening, but if you own an iPad or iPho...

7.9AI score0.01136EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/25 9:6 p.m.31 views

Security Bulletin: IBM Support Assistant Java API Documentation Frame Injection Vulnerability (CVE-2013-1571)

Abstract Java™ API Documentation contains a frame injection vulnerability. Content VULNERABILITY DETAILS: CVEID: CVE-2013-1571 DESCRIPTION: HTML documentation generated by the Javadoc tool contains a security vulnerability. The vulnerability allows an attacker to craft a malicious link to the...

4.3CVSS7.4AI score0.66817EPSS
Exploits1Affected Software1
Malwarebytes
Malwarebytes
added 2022/09/15 10:30 a.m.22 views

Here are the new security and privacy features of iOS 16

On Monday, September 12, Apple released iOS 16, which included a host of new security and privacy features. Let's look at what these are--and some quality-of-life QoL changes. Lockdown Mode As Macrumors calls it, Lockdown Mode is an "extreme" security setting ideal for those who regularly find...

6.4AI score
Exploits0
MSRC
MSRC
added 2022/09/06 8:9 a.m.34 views

What’s the smallest variety of CHERI?

The Portmeirion project is a collaboration between Microsoft Research Cambridge, Microsoft Security Response Center, and Azure Silicon Engineering & Solutions. Over the past year, we have been exploring how to scale the key ideas from CHERI down to tiny cores on the scale of the cheapest...

2.3AI score
Exploits0
MSRC
MSRC
added 2022/09/06 7:0 a.m.13 views

What’s the smallest variety of CHERI?

The Portmeirion project is a collaboration between Microsoft Research Cambridge, Microsoft Security Response Center, and Azure Silicon Engineering & Solutions. Over the past year, we have been exploring how to scale the key ideas from CHERI down to tiny cores on the scale of the cheapest...

2.7AI score
Exploits0
The Hacker News
The Hacker News
added 2022/09/03 4:17 a.m.36 views

Samsung Admits Data Breach that Exposed Details of Some U.S. Customers

South Korean chaebol Samsung on Friday said it experienced a cybersecurity incident that resulted in the unauthorized access of some customer information, the second time this year it has reported such a breach. "In late July 2022, an unauthorized third-party acquired information from some of...

0.5AI score
Exploits0
Rows per page
Query Builder