RSS Reader for Computer Security Articles
Categories: Exploits and vulnerabilities Categories: News CISA updated its catalog of actively exploited vulnerabilities. Make sure you update your software before the due date! |
The post CISA wants you to patch these actively exploited vulnerabilities before September 8 appeared first on Malwarebytes Labs.
Read MoreCategories: Exploits and vulnerabilities Categories: News Tags: macOS Tags: iOS Tags: CVE-2022-32894 Tags: CVE-2022-32893 Tags: kernel privileges Tags: WebKit Tags: actively exploited Tags: watering hole Tags: exploit kit Apple has released emergency security updates to fix two zero-day vulnerabilities previously exploited by attackers to hack iPhones, iPads, or Macs. |
The post Urgent update for macOS and iOS! Two actively exploited zero-days fixed appeared first on Malwarebytes Labs.
Read MoreCategories: Exploits and vulnerabilities Categories: News Tags: 104.0.5112.101 Tags: Google Tags: Chrome Tags: CVE-2022-2852 Tags: CVE-2022-2856 Tags: CVE-2022-2854 Tags: CVE-2022-2853 Tags: UAF Tags: heap buffer overflow Google issued an update that includes 11 security fixes. One of the vulnerabilities is labeled as “Critical” and one of the vulnerabilities that is labeled as “High” exists in the wild. |
The post Update Chrome now! Google issues patch for zero day spotted in the wild appeared first on Malwarebytes Labs.
Read MoreCategories: Exploits and vulnerabilities Categories: News Tags: Zimbra Tags: ZVS Tags: cve-2022-27925 Tags: web shell Tags: cve-2022-37042 Tags: authentication Tags: RCE Researchers found that a known RCE vulnerability in Zimbra Collaboration was chained with a new authentication vulnerability to drop backdoor web shells on thousands of servers |
The post [updated] Thousands of Zimbra mail servers backdoored in large scale attack appeared first on Malwarebytes Labs.
Read MoreCategories: Exploits and vulnerabilities Categories: News Tags: Discord Tags: Spotify Tags: MicrosoftTeams Tags: Electron Tags: ElectronJS Tags: NodeJS Tags: V8 Chrome Tags: Log4Shell Tags: Log4j A group of security researchers found a series of vulnerabilities in the software underlying popular apps like Discord, Microsoft Teams, and many others |
The post Researchers found one-click exploits in Discord and Teams appeared first on Malwarebytes Labs.
Read MoreCategories: Exploits and vulnerabilities Categories: News Tags: Zimbra Tags: ZVS Tags: cve-2022-27925 Tags: web shell Tags: cve-2022-37042 Tags: authentication Tags: RCE Researchers found that a known RCE vulnerability in Zimbra Collaboration was chained with a new authentication vulnerability to drop backdoor web shells on thousands of servers |
The post Thousands of Zimbra mail servers backdoored in large scale attack appeared first on Malwarebytes Labs.
Read MoreCategories: Exploits and vulnerabilities Slack was exposing user passwords for years. The bug has been swatted and the affected users informed. |
The post Slack flaw exposed users’ hashed passwords appeared first on Malwarebytes Labs.
Read MoreCategories: Exploits and vulnerabilities Categories: News Tags: Microsoft Tags: patch Tuesday Tags: MSDT Tags: NFS Tags: PPP Tags: Exchange Tags: CVE-2022-34713 Tags: CVE-2022-35743 Tags: DogWalk Tags: CVE-2022-30134 Tags: CVE-2022-24477 Tags: CVE-2022-24516 Tags: CVE-2022-30133 Tags: CVE-2022-34715 Tags: Adobe Tags: Cisco Tags: Google Tags: Android Tags: SAP Tags: VMWare Patch Tuesday for August 2022 has come around. We take a look at the most important vulnerabilities that Microsoft’s fixed and a brief look at what other vendors did. |
The post Update now! Microsoft fixes two zero-days in August’s Patch Tuesday appeared first on Malwarebytes Labs.
Read More