September 2022 – Page 15 – PossibleThreat Articles

Wormable Flaw, 0days Lead Sept. 2022 Patch Tuesday

September 13, 2022 0 Comments asheer malhotra, Cisco Talos, dustin childs, ios 16, jon munshaw, kevin breen, lily hay newman, lockdown mode, microsoft patch tuesday september 2022, pangu lab, safety check, satnam narang, security tools, Time to Patch, trend micro, xinru chi

Credit to Author: BrianKrebs| Date: Wed, 14 Sep 2022 00:23:45 +0000

This month’s Patch Tuesday offers a little something for everyone, including security updates for a zero-day flaw in Microsoft Windows that is under active attack, and another Windows weakness experts say could be used to power a fast-spreading computer worm. Also, Apple has also quashed a pair of zero-day bugs affecting certain macOS and iOS users, and released iOS 16, which includes a nifty new privacy and security feature called “Lockdown Mode.” And Adobe axed 63 vulnerabilities in a range of products.

MalwareBytes Security

Steam account credentials phished in browser-in-a-browser attack

September 13, 2022 0 Comments browser, e-sports, news, phish, phishing, steam

Categories: News

Tags: phish

Tags: phishing

Tags: steam

Tags: browser

Tags: e-sports

We take a look at a new use of the browser-in-a-browser attack to steal Steam user credentials.

MalwareBytes Security

Important update! iPhones, Macs, and more vulnerable to zero-day bug

September 13, 2022 0 Comments Exploits and vulnerabilities, news

Categories: Exploits and vulnerabilities

Categories: News

Apple has patched an actively-exploited flaw that affects a host of devices and software, including iPhones, Macs, iPads, and iPod touch.

MalwareBytes Security

Update now! Google patches vulnerabilities for Pixel mobile phones

September 13, 2022 0 Comments critical, cve-2022-20231, cve-2022-20364, Exploits and vulnerabilities, Google, kernel, news, Pixel, trusty

Categories: Exploits and vulnerabilities

Categories: News

Tags: Google

Tags: Pixel

Tags: critical

Tags: CVE-2022-20364

Tags: CVE-2022-20231

Tags: Trusty

Tags: Kernel

Google’s Pixel Update Bulletin for September included two security patches that are Pixel specific.

MalwareBytes Security

BackupBuddy WordPress plugin vulnerable to exploitation, update now!

September 13, 2022 0 Comments backupbuddy, compromise, Exploit, hack, news, update, vulnerability, Wordpress

Categories: News

Tags: BackupBuddy

Tags: WordPress

Tags: vulnerability

Tags: exploit

Tags: hack

Tags: compromise

Tags: update

We take a look at a vulnerability in popular WordPress plugin BackupBuddy, and the steps you need to take to fix it.

MalwareBytes Security

Apple puts the password on life support with passkey

September 13, 2022 0 Comments Apple, news

Categories: Apple

Categories: News

With the introduction of passkeys in iOS 16 and macOS Ventura, Apple is poised to sway a trend against the use of passwords.

Security Sophos

Serious Security: Browser-in-the-browser attacks – watch out for windows that aren’t!

September 13, 2022 0 Comments bitb, data loss, mitb, MITM, phishing, Scam

Credit to Author: Paul Ducklin| Date: Tue, 13 Sep 2022 20:52:54 +0000

It sounds like a scam that could never work: use a picture of browser and convince the user it’s a real browser. You might be surprised…

Security Sophos

A lighter Patch Tuesday, but one heavy with remote code execution bugs

September 13, 2022 0 Comments Microsoft, Patch Tuesday, sophos x-ops, threat research

Credit to Author: Matt Wixey| Date: Tue, 13 Sep 2022 18:38:14 +0000

There are fewer bugs in September’s update than in previous months, with RCE vulns making up the bulk of the addressed CVEs

Microsoft Security

Secure your endpoints with Transparity and Microsoft

September 13, 2022 0 Comments cybersecurity, Microsoft Intelligent Security Association (MISA), misa

Credit to Author: Christine Barrett| Date: Tue, 13 Sep 2022 16:00:00 +0000

When it comes to cybersecurity, the ability to normalize and correlate disparate logs from different devices, appliances, and resources is key, as is the ability to react quickly when under attack. In this blog post, we explore the importance of EPP as an essential component in your security strategy.

The post Secure your endpoints with Transparity and Microsoft appeared first on Microsoft Security Blog.

Security Wired

How Whistleblowers Navigate a Security Minefield

September 13, 2022 0 Comments business / national affairs, Security, Security / Privacy

Credit to Author: Matt Burgess| Date: Tue, 13 Sep 2022 11:00:00 +0000

Exposing wrongdoing is risky on the best of days. Whistleblower Aid cofounder John Tye explains the extensive steps needed to keep people safe.