RSS Reader for Computer Security Articles
Categories: Android Categories: Exploits and vulnerabilities Categories: News Google has issued its December round of patches, which includes a fix for a critical vulnerability that allows RCE over Bluetooth |
The post Update now! Google patches Android vulnerability that allows remote code execution over Bluetooth appeared first on Malwarebytes Labs.
Read MoreCategories: Exploits and vulnerabilities Categories: News Tags: V8 Tags: V8 JavaScript Engine Tags: Google Chrome Tags: Chrome Tags: CVE-2022-4262 Tags: 108.0.5359.94 Tags: 108.0.5359.95 Tags: Chrome V8 flaw Tags: type confusion Google has rolled out an out-of-band patch for an actively exploited zero-day vulnerability in its V8 JavaScript engine. Make sure you’re using the latest version. |
The post Update now! Emergency fix for Google Chrome’s V8 JavaScript engine zero-day flaw released appeared first on Malwarebytes Labs.
Read MoreCategories: Exploits and vulnerabilities Categories: News Google has issued an update for Chrome to fix an issue in the V8 JavaScript engine |
The post A Chrome fix for an in-the-wild exploit is out—Check your version appeared first on Malwarebytes Labs.
Read MoreCategories: Exploits and vulnerabilities Categories: News Tags: PoC Tags: PoCs Tags: Leiden Tags: GitHub Tags: VirusTotal Tags: AbuseIPDB Researchers from Leiden University analyzed many thousands of Proof-of-Concepts and found that 10 percent of those they found on GitHub are malicious |
The post Fake Proof-of-Concepts used to lure security professionals appeared first on Malwarebytes Labs.
Read MoreCategories: Exploits and vulnerabilities Categories: News Tags: Cisco Tags: Identity Services Engine Tags: AnyConnect VPN server Tags: CVE-2022-20822 Tags: CVE-2022-20959 Tags: CVE-2022-20933 Tags: input validation Cisco’s latest security advisory includes a vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) that could allow an attacker to read and delete files. |
The post Cisco warns of ISE vulnerability with no fixed release or workaround appeared first on Malwarebytes Labs.
Read MoreCategories: Exploits and vulnerabilities Categories: News Tags: Log4Text Tags: Apache Tags: Commons Text Tags: CVE-2022-42889 Tags: Log4j Tags: Log4Shell Tags: interpolators Log4Text is a recently found vulnerability in Apache Commons. Log4Text provoked a knee jerk reaction because it reminds us of Log4Shell. So should we worry? |
The post Why Log4Text is not another Log4Shell appeared first on Malwarebytes Labs.
Read MoreCategories: Exploits and vulnerabilities Categories: News Tags: Chinese APT Tags: advanced persistent threat Tags: APT Tags: CISA Tags: NSA Tags: FBI Tags: security advisory CISA, the NSA and the FBI have compiled a list of the vulnerabilities targeted by state-sponsorted threat actors from China. |
The post Chinese APT’s favorite vulnerabilities revealed appeared first on Malwarebytes Labs.
Read MoreCategories: Exploits and vulnerabilities Categories: News Tags: Microsoft Tags: Apple Tags: Google Tags: Android Tags: Samsung Tags: Xiaomi Tags: Adobe Tags: SAP Tags: VMWare Tags: Fortinet Tags: CVE-2022-41033 Tags: CVE-2022-41040 Tags: zero-day No fix for ProxyNotShell |
The post Update now! October patch Tuesday fixes actively used zero-day…but not the one you expected appeared first on Malwarebytes Labs.
Read More