Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

CVE-2022-35742

Microsoft Outlook Denial of Service Vulnerability

CVE
Open in Source
#vulnerability#microsoft#dos
Microsoft gives Apple a migraine

Categories: Exploits and vulnerabilities Categories: News Tags: Apple Tags: macOS Tags: Ventura 13.4 Tags: Monterey 12.6.6 Tags: Big Sur 11.7.7 Tags: libxpc Tags: SIP Tags: XPC Tags: NVRAM Tags: CVE-2023-32369 Tags: Migraine Microsoft has released details about a vulnerability that can bypass macOS's System Integrity Protection (Read more...) The post Microsoft gives Apple a migraine appeared first on Malwarebytes Labs.

CVE-2022-35743

Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability

Bitdefender Introduces GravityZone Security for Android, iOS, and Chromebook

By Habiba Rashid According to Bitdefender, GravityZone Security for Mobile is a cutting-edge solution that leverages powerful antimalware technologies driven by real-time threat intelligence and machine learning. This is a post from HackRead.com Read the original post: Bitdefender Introduces GravityZone Security for Android, iOS, and Chromebook

Apple's iOS 16.5 Fixes 3 Security Bugs Already Used in Attacks

Plus: Microsoft patches two zero-day flaws, Google’s Android and Chrome get some much-needed updates, and more.

Microsoft GamingServicesNet 12.77.3001.0 Unquoted Service Path

Microsoft GamingServicesNet version 12.77.3001.0 suffers from an unquoted service path vulnerability.

Microsoft Details Critical Apple macOS Vulnerability Allowing SIP Protection Bypass

Microsoft has shared details of a now-patched flaw in Apple macOS that could be abused by threat actors with root access to bypass security enforcements and perform arbitrary actions on affected devices. Specifically, the flaw – dubbed Migraine and tracked as CVE-2023-32369 – could be abused to get around a key security measure called System Integrity Protection (SIP), or “rootless,” which

Dark Pink APT Group Leverages TelePowerBot and KamiKakaBot in Sophisticated Attacks

The threat actor known as Dark Pink has been linked to five new attacks aimed at various entities in Belgium, Brunei, Indonesia, Thailand, and Vietnam between February 2022 and April 2023. This includes educational entities, government agencies, military bodies, and non-profit organizations, indicating the adversarial crew’s continued focus on high-value targets. Dark Pink, also called Saaiwc

Discord Admins Hacked by Malicious Bookmarks

A number of Discord communities focused on cryptocurrency have been hacked this past month after their administrators were tricked into running malicious Javascript code disguised as a Web browser bookmark.

CVE-2023-28353: Technical Advisory – Multiple Vulnerabilities in Faronics Insight (CVE-2023-28344, CVE-2023-28345, CVE-2023-28346, CVE-2023-28347, CVE-2023-28348, CVE-2023-28349, CVE-2023-28350, CVE-2023-28351, CVE-2

An issue was discovered in Faronics Insight 10.0.19045 on Windows. An unauthenticated attacker is able to upload any type of file to any location on the Teacher Console's computer, enabling a variety of different exploitation paths including code execution. It is also possible for the attacker to chain this vulnerability with others to cause a deployed DLL file to immediately execute as NT AUTHORITY/SYSTEM.