vulnerability – Page 24 – PossibleThreat Articles

Firefox, Thunderbird, receive patches for critical security issues

May 28, 2022 0 Comments cve-2022-1529, cve-2022-1802, Exploit, Exploits and vulnerabilities, firefox, thunderbird, vulnerability

Credit to Author: Christopher Boyd| Date: Fri, 27 May 2022 11:06:49 +0000

Critical updates have been released for both Firefox and Thunderbird. Apply now if you haven’t already—we explain how.

The post Firefox, Thunderbird, receive patches for critical security issues appeared first on Malwarebytes Labs.

Microsoft Security

Android apps with millions of downloads exposed to high-severity vulnerabilities

May 28, 2022 0 Comments Android, cybersecurity, Microsoft, Microsoft security intelligence, Mobile, Security, vulnerability

Credit to Author: Katie McCafferty| Date: Fri, 27 May 2022 16:00:00 +0000

Microsoft uncovered high-severity vulnerabilities in a mobile framework used by multiple large mobile service providers in pre-installed Android System apps that potentially exposed users to remote or local attacks.

The post Android apps with millions of downloads exposed to high-severity vulnerabilities appeared first on Microsoft Security Blog.

Security Sophos

Mozilla patches Wednesday’s Pwn2Own double-exploit… on Friday!

May 20, 2022 0 Comments cve-2022-1529, cve-2022-1802, firefox, manfred paul, Mozilla, pwn2own, vulnerability

Credit to Author: Paul Ducklin| Date: Fri, 20 May 2022 23:47:31 +0000

That was quick! 48 hours from exploit report to published patch.

Security Sophos

Microsoft patches the Patch Tuesday patch that broke authentication

May 20, 2022 0 Comments authentication, Microsoft, out-of-band, patch-to-patch, vulnerability, Windows, woindows

Credit to Author: Paul Ducklin| Date: Fri, 20 May 2022 22:35:09 +0000

Remember the good old days when security patches rarely needed patches? Because security patches themlelves were rare enough anyway?

Security Sophos

US Government says: Patch VMware right now, or get off our network

May 20, 2022 0 Comments cve-2022-22972, cve-2022-22973, federal government, mtr, vmware, vulnerability

Credit to Author: Paul Ducklin| Date: Fri, 20 May 2022 14:03:54 +0000

Find and patch. Right now. If you can’t patch, get it off the network. Right now! Oh, and show us what you did to comply.

Security Sophos

S3 Ep83: Cracking passwords, patching Firefox, and Apple vulns [Podcast]

May 19, 2022 0 Comments Apple, bust, cracking, Cybercrime, Law & order, Naked Security Podcast, Podcast, vulnerability

Credit to Author: Paul Ducklin| Date: Thu, 19 May 2022 13:56:58 +0000

Latest episode – listen now!

Security Sophos

Pwn2Own hacking schedule released – Windows and Linux are top targets

May 18, 2022 0 Comments Hacking, pwn2own, research, secops, vulnerability

Credit to Author: Paul Ducklin| Date: Wed, 18 May 2022 13:04:06 +0000

What’s better? Disclose early, patch fast? Or dig deep, disclose in full, patch more slowly?

Security Sophos

Apple patches zero-day kernel hole and much more – update now!

May 17, 2022 0 Comments 0 day, Apple, iOS, OS X, Patch, vulnerability, zero day

Credit to Author: Paul Ducklin| Date: Tue, 17 May 2022 09:30:25 +0000

You’ll find fixes for numerous kernel-level code execution holes, including an 0-day vulnerability in many (though not all) versions.

Security Sophos

Serious Security: Learning from curl’s latest bug update

May 12, 2022 0 Comments curl, security bypass, vulnerability

Credit to Author: Paul Ducklin| Date: Thu, 12 May 2022 15:08:53 +0000

Learn how to write plain-speaking and purposeful security advisories from one of the most widely-used open source tools in the world.

QuickHeal Security

Critical Zero-Day “Log4Shell” Vulnerability “CVE-2021-44228” Exploited in the Wild

May 10, 2022 0 Comments #zerodayvulnerability, cve-2021-44228, cybersecurity, log4j, malware, Uncategorized, vulnerability

Credit to Author: Amruta Wagh| Date: Tue, 10 May 2022 10:40:09 +0000

On December 9, 2021, Apache revealed a severe Remote code execution vulnerability CVE-2021-44228 named “Log4Shell” in Apache Java-based…

The post Critical Zero-Day “Log4Shell” Vulnerability “CVE-2021-44228” Exploited in the Wild appeared first on Quick Heal Blog | Latest computer security news, tips, and advice.