Wednesday, November 27, 2024
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

Exploits and vulnerabilities

MalwareBytes Security 

Amazon Photos vulnerability could have given attackers access to user files and data

admin , , , , , , ,

Credit to Author: Jovi Umawing| Date: Thu, 30 Jun 2022 15:25:24 +0000

The retail giant patched a serious flaw in its Amazon Photos app that left user access token exposed to potential attackers.

The post Amazon Photos vulnerability could have given attackers access to user files and data appeared first on Malwarebytes Labs.

Read more
MalwareBytes Security 

Update now! Mozilla fixes security vulnerabilities and introduces a new privacy feature for Firefox

admin , , , , , , , , , , ,

Credit to Author: Pieter Arntz| Date: Thu, 30 Jun 2022 14:01:41 +0000

Mozilla has released Firefox updates to the Release Channel that fix several security vulnerabilities and introduce a new privacy feature called Query Parameter Stripping.

The post Update now! Mozilla fixes security vulnerabilities and introduces a new privacy feature for Firefox appeared first on Malwarebytes Labs.

Read more
MalwareBytes Security 

CISA Log4Shell warning: Patch VMware Horizon installations immediately

admin , , , , ,

Credit to Author: Christopher Boyd| Date: Mon, 27 Jun 2022 09:54:58 +0000

CISA warns of log4shell being actively exploited to compromise VMware Horizon systems. We take a look at their warning.

The post CISA Log4Shell warning: Patch VMware Horizon installations immediately appeared first on Malwarebytes Labs.

Read more
MalwareBytes Security 

DFSCoerce, a new NTLM relay attack, can take control over a Windows domain

admin , , , , , ,

Credit to Author: Pieter Arntz| Date: Tue, 21 Jun 2022 15:49:12 +0000

A researcher has posted a PoC for yet another NTLM relay attack method dubbed DFSCoerce. It is high time to retire NTLM.

The post DFSCoerce, a new NTLM relay attack, can take control over a Windows domain appeared first on Malwarebytes Labs.

Read more
MalwareBytes Security 

Hertzbleed exposes computers’ secret whispers

admin , , , , , , , , , ,

Credit to Author: Pieter Arntz| Date: Thu, 16 Jun 2022 16:28:42 +0000

Hertzbleed is a new side-channel attack that can recover sensitive information from a targeted system by applying CPU timing.

The post Hertzbleed exposes computers’ secret whispers appeared first on Malwarebytes Labs.

Read more
MalwareBytes Security 

Update now!  Microsoft patches Follina, and many other security updates

admin , , , , , , , , , , , , , , , , , , , ,

Credit to Author: Pieter Arntz| Date: Wed, 15 Jun 2022 13:17:05 +0000

Patch Tuesday for June 2022 brought a fix for Follina and many other security vulnerabilities. Time to figure out what needs to be prioritized.

The post Update now!  Microsoft patches Follina, and many other security updates appeared first on Malwarebytes Labs.

Read more
MalwareBytes Security 

“Multiple adversaries” exploiting Confluence vulnerability, warns Microsoft

admin , , , , ,

Credit to Author: Christopher Boyd| Date: Tue, 14 Jun 2022 12:43:08 +0000

Microsoft has warned of APT groups and ransomware authors exploiting the now patched Confluence vulnerability. We take a look at the dangers.

The post “Multiple adversaries” exploiting Confluence vulnerability, warns Microsoft appeared first on Malwarebytes Labs.

Read more
MalwareBytes Security 

Don’t panic! “Unpatchable” Mac vulnerability discovered

admin , , , , , ,

Credit to Author: Pieter Arntz| Date: Tue, 14 Jun 2022 09:53:27 +0000

Researchers at MIT have published details about an attack that uses a flaw in the M1 security feature pointer authentication codes.

The post Don’t panic! “Unpatchable” Mac vulnerability discovered appeared first on Malwarebytes Labs.

Read more