Exploits and vulnerabilities

MalwareBytesSecurity

Update now! Apple fixes three actively exploited vulnerabilities

Categories: Apple

Categories: Exploits and vulnerabilities

Categories: News

Tags: Apple

Tags: kernel webkit

Tags: CVE-2023-32434

Tags: CVE-2023-32435

Tags: CVE-2023-32439

Tags: type confusion

Tags: integer overflow

Tags: operation triangulation

Apple has released security updates for several products to address a set of flaws it said were being actively exploited.

(Read more…)

The post Update now! Apple fixes three actively exploited vulnerabilities appeared first on Malwarebytes Labs.

Read More
MalwareBytesSecurity

Microsoft fixes six critical vulnerabilities in June Patch Tuesday

Categories: Exploits and vulnerabilities

Categories: News

Tags: Microsoft

Tags: patch Tuesday

Tags: CVE-2023-29357

Tags: CVE-2023-29363

Tags: CVE-2023-32014

Tags: CVE-2023-32015

Tags: CVE-2023-32013

Tags: CVE-2023-24897

Tags: CVE-2023-32031

Tags: SharePoint

Tags: PGM

Tags: Exchange

Tags: Hyper-V

Patch Tuesday of June 2023 is relatively relaxed. No actively exploited zero-days and only six critical vulnerabilities.

(Read more…)

The post Microsoft fixes six critical vulnerabilities in June Patch Tuesday appeared first on Malwarebytes Labs.

Read More
MalwareBytesSecurity

Update Chrome now! Google fixes critical vulnerability in Autofill payments

Categories: Exploits and vulnerabilities

Categories: News

Tags: Google

Tags: Chrome

Tags: Autofill

Tags: payments critical

Tags: CVE-2023-3214

Google has released an update which includes five security fixes including a critical vulnerability in Autofill payments.

(Read more…)

The post Update Chrome now! Google fixes critical vulnerability in Autofill payments appeared first on Malwarebytes Labs.

Read More
MalwareBytesSecurity

More MOVEit vulnerabilities found while the first one still resonates

Categories: Exploits and vulnerabilities

Categories: News

Categories: Ransomware

Tags: MOVEit

Tags: Progress

Tags: Cl0p

Tags: ransomware

Tags: CVE-2023-34362

A security audit of the MOVEit code has revealed more SQL injection vulnerabilities, while victims of the first vulnerability are coming to the surface.

(Read more…)

The post More MOVEit vulnerabilities found while the first one still resonates appeared first on Malwarebytes Labs.

Read More
MalwareBytesSecurity

Update your Cisco System Secure Client now to fix this AnyConnect bug

Categories: Exploits and vulnerabilities

Categories: News

Tags: Cisco

Tags: anyconnect

Tags: system secure client

Tags: VPN

Tags: bug

Tags: patch

Tags: update

Tags: vulnerability

Tags: SYSTEM

We take a look at a recent update for Cisco Secure System Client and why you should apply the update as soon as possible.

(Read more…)

The post Update your Cisco System Secure Client now to fix this AnyConnect bug appeared first on Malwarebytes Labs.

Read More
MalwareBytesSecurity

VMware patches critical vulnerabilities in Aria Operations for Networks

Categories: Exploits and vulnerabilities

Categories: News

Tags: cve-2023-20887

Tags: cve-2023-20888

Tags: cve-2023-20889

Tags: vmware

Tags: Aria Operations for Networks

Tags: RCE

Tags: information disclosure

Tags: deserialization

Tags: command injection

VMware has released security updates to fix a trio of flaws in Aria Operations for Networks that could result in information disclosure and remote code execution

(Read more…)

The post VMware patches critical vulnerabilities in Aria Operations for Networks appeared first on Malwarebytes Labs.

Read More