Security
Headlines
HeadlinesLatestCVEs

Tag

#sap

'Sextortion,' Business Disruption, and a Massive Attack: What Could Be in Store for 2023

Our growing interconnectedness poses almost as many challenges as it does benefits.

DARKReading
Open in Source
#web#microsoft#dos#intel#sap
Debian Security Advisory 5304-1

Debian Linux Security Advisory 5304-1 - Jan-Niklas Sohn discovered several vulnerabilities in X server extensions in the X.Org X server, which may result in privilege escalation if the X server is running privileged.

CVE-2022-38065: TALOS-2022-1599 || Cisco Talos Intelligence Group

A privilege escalation vulnerability exists in the oslo.privsep functionality of OpenStack git master 05194e7618 and prior. Overly permissive functionality within tools leveraging this library within a container can lead increased privileges.

Paying Ransom: Why Manufacturers Shell Out to Cybercriminals

Lower cybersecurity awareness coupled with vulnerable OT gear makes manufacturers tempting targets, but zero trust can blunt attackers’ advantages.

Hacked Ring Cameras Used in Livestreaming Swatting Attacks

By Waqas Per the police, the two suspects were aided by a third man who obtained the login credentials of victims’ Yahoo accounts and identified if they owned a Ring doorbell camera. This is a post from HackRead.com Read the original post: Hacked Ring Cameras Used in Livestreaming Swatting Attacks

Threat Spotlight: XLLing in Excel - threat actors using malicious add-ins

As more and more users adopt new versions of Microsoft Office, it is likely that threat actors will turn away from VBA-based malicious documents to other formats such as XLLs or rely on exploiting newly discovered vulnerabilities to launch malicious code.

Elon Musk and the Dangers of Censoring Real-Time Flight Trackers

Elon Musk claims plane-tracking data is a risky privacy violation. But the world loses a lot if this information disappears—and that's already happening.

Malwarebytes earns AV-TEST Top Product awards for fourth consecutive quarter

Categories: Business AV-TEST, a leading independent tester of cybersecurity solutions, has just ranked Malwarebytes as a Top Product for consumers and businesses for the fourth quarter in a row. (Read more...) The post Malwarebytes earns AV-TEST Top Product awards for fourth consecutive quarter appeared first on Malwarebytes Labs.

GHSA-54r5-wr8x-x5v3: Apiman has insufficient checks for read permissions

Apiman 1.5.7 through 2.2.3.Final has insufficient checks for read permissions within the Apiman Manager REST API. The root cause of the issue is the Apiman project's accidental acceptance of a large contribution that was not fully compatible with the security model of Apiman versions before 3.0.0.Final. Because of this, 3.0.0.Final is not affected by the vulnerability.

4 over-hyped security vulnerabilities of 2022

Categories: Exploits and vulnerabilities Categories: News Tags: wormable Tags: zero-day Tags: spring4shell Tags: cve-2022-34718 Tags: log4j Tags: openssl Tags: cve-2022-36934 Tags: cve-2022-27492 Tags: cve-2022-22965 Tags: cve-2022-22963 What does it take to make the discussion of vulnerabilities useful? And where did this go wrong in 2022? (Read more...) The post 4 over-hyped security vulnerabilities of 2022 appeared first on Malwarebytes Labs.