#rce

Google on Tuesday officially began rolling out a new "Data safety" section for Android apps on the Play Store to highlight the type of data being collected and shared with third-parties. "Users want to know for what purpose their data is being collected and whether the developer is sharing user data with third parties," Suzanne Frey, Vice President of product for Android security and privacy,

Maintainers promptly patch issue that could also leak sensitive personal data

Soon, all countires in Europe, including the UK and Switzerland, will have the power to accept all and reject all cookies with a single click. The post “Reject All” cookie consent button is coming to European Google Search and YouTube appeared first on Malwarebytes Labs.

Emotet is back with a new spam campaign. And it's now spreading itself as a shortcut link file pretending to be Word document. The post Emotet fixes bug in code, resumes spam campaign appeared first on Malwarebytes Labs.

Red Hat AMQ Broker 7.9.4 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-22965: spring-framework: RCE via Data Binding on JDK 9+

Red Hat AMQ Broker 7.8.6 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-22965: spring-framework: RCE via Data Binding on JDK 9+

The U.S. government on Tuesday announced up to $10 million in rewards for information on six hackers associated with the Russian military intelligence service. "These individuals participated in malicious cyber activities on behalf of the Russian government against U.S. critical infrastructure in violation of the Computer Fraud and Abuse Act," the State Department's Rewards for Justice Program

An update is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0435: kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS

A "logical flaw" has been disclosed in NPM, the default package manager for the Node.js JavaScript runtime environment, that enables malicious actors to pass off rogue libraries as legitimate and trick unsuspecting developers into installing them. The supply chain threat has been dubbed "Package Planting" by researchers from cloud security firm Aqua. Following responsible disclosure on February

Four months after the Log4Shell vulnerability was disclosed, most affected open source components remain unpatched, and companies continue to use vulnerable versions of the logging tool.