Exploits and vulnerabilities – Page 22 – Computer Security Articles

Urgent update for macOS and iOS! Two actively exploited zero-days fixed

August 18, 2022 admin actively exploited, cve-2022-32893, cve-2022-32894, exploit kit, Exploits and vulnerabilities, iOS, kernel privileges, MacOS, news, watering hole, Webkit

Categories: Exploits and vulnerabilities

Categories: News

Tags: macOS

Tags: iOS

Tags: CVE-2022-32894

Tags: CVE-2022-32893

Tags: kernel privileges

Tags: WebKit

Tags: actively exploited

Tags: watering hole

Tags: exploit kit

Apple has released emergency security updates to fix two zero-day vulnerabilities previously exploited by attackers to hack iPhones, iPads, or Macs.

MalwareBytes Security

Update Chrome now! Google issues patch for zero day spotted in the wild

August 17, 2022 admin 104.0.5112.101, chrome, cve-2022-2852, cve-2022-2853, cve-2022-2854, cve-2022-2856, Exploits and vulnerabilities, google, heap buffer overflow, news, uaf

Categories: Exploits and vulnerabilities

Categories: News

Tags: 104.0.5112.101

Tags: Google

Tags: Chrome

Tags: CVE-2022-2852

Tags: CVE-2022-2856

Tags: CVE-2022-2854

Tags: CVE-2022-2853

Tags: UAF

Tags: heap buffer overflow

Google issued an update that includes 11 security fixes. One of the vulnerabilities is labeled as “Critical” and one of the vulnerabilities that is labeled as “High” exists in the wild.

MalwareBytes Security

[updated] Thousands of Zimbra mail servers backdoored in large scale attack

August 17, 2022 admin authentication, cve-2022-27925, cve-2022-37042, Exploits and vulnerabilities, news, RCE, Web Shell, zimbra, zvs

Categories: Exploits and vulnerabilities

Categories: News

Tags: Zimbra

Tags: ZVS

Tags: cve-2022-27925

Tags: web shell

Tags: cve-2022-37042

Tags: authentication

Tags: RCE

Researchers found that a known RCE vulnerability in Zimbra Collaboration was chained with a new authentication vulnerability to drop backdoor web shells on thousands of servers

MalwareBytes Security

Researchers found one-click exploits in Discord and Teams

August 15, 2022 admin discord, electron, electronjs, Exploits and vulnerabilities, log4j, log4shell, microsoftteams, news, NodeJS, Spotify, v8 chrome

Categories: Exploits and vulnerabilities

Categories: News

Tags: Discord

Tags: Spotify

Tags: MicrosoftTeams

Tags: Electron

Tags: ElectronJS

Tags: NodeJS

Tags: V8 Chrome

Tags: Log4Shell

Tags: Log4j

A group of security researchers found a series of vulnerabilities in the software underlying popular apps like Discord, Microsoft Teams, and many others

MalwareBytes Security

Thousands of Zimbra mail servers backdoored in large scale attack

August 12, 2022 admin authentication, cve-2022-27925, cve-2022-37042, Exploits and vulnerabilities, news, RCE, Web Shell, zimbra, zvs

Categories: Exploits and vulnerabilities

Categories: News

Tags: Zimbra

Tags: ZVS

Tags: cve-2022-27925

Tags: web shell

Tags: cve-2022-37042

Tags: authentication

Tags: RCE

Researchers found that a known RCE vulnerability in Zimbra Collaboration was chained with a new authentication vulnerability to drop backdoor web shells on thousands of servers

MalwareBytes Security

Slack flaw exposed users’ hashed passwords

August 11, 2022 admin Exploits and vulnerabilities

Categories: Exploits and vulnerabilities

Slack was exposing user passwords for years. The bug has been swatted and the affected users informed.

(Read more…)

The post Slack flaw exposed users’ hashed passwords appeared first on Malwarebytes Labs.

MalwareBytes Security

Update now! Microsoft fixes two zero-days in August’s Patch Tuesday

August 11, 2022 admin adobe, Android, Cisco, cve-2022-24477, cve-2022-24516, cve-2022-30133, cve-2022-30134, cve-2022-34713, cve-2022-34715, cve-2022-35743, dogwalk, Exchange, Exploits and vulnerabilities, google, microsoft, msdt, news, nfs, Patch Tuesday, ppp, SAP, VMware

Categories: Exploits and vulnerabilities

Categories: News

Tags: Microsoft

Tags: patch Tuesday

Tags: MSDT

Tags: NFS

Tags: PPP

Tags: Exchange

Tags: CVE-2022-34713

Tags: CVE-2022-35743

Tags: DogWalk

Tags: CVE-2022-30134

Tags: CVE-2022-24477

Tags: CVE-2022-24516

Tags: CVE-2022-30133

Tags: CVE-2022-34715

Tags: Adobe

Tags: Cisco

Tags: Google

Tags: Android

Tags: SAP

Tags: VMWare

Patch Tuesday for August 2022 has come around. We take a look at the most important vulnerabilities that Microsoft’s fixed and a brief look at what other vendors did.

MalwareBytes Security

Patch now! Cisco VPN routers are vulnerable to remote control

August 7, 2022 admin Cisco, cve-2022-20827, cve-2022-20841, cve-2022-20842, Exploits and vulnerabilities, input validation, vpn routers

Credit to Author: Pieter Arntz| Date: Sun, 07 Aug 2022 11:14:14 +0000

Cisco has released a security advisory about some serious security vulnerabilities in multiple Cisco small business VPN routers.

The post Patch now! Cisco VPN routers are vulnerable to remote control appeared first on Malwarebytes Labs.