Pegasus spyware and how it exploited a WebP vulnerability

Categories: Android

Categories: Apple

Categories: Exploits and vulnerabilities

Tags: Pegasus

Tags: spyware

Tags: nso

Tags: webp

Tags: libwebp

Tags: buffer overflow

The company behind the infamous Pegasus spyware used a vulnerability in almost every browser to plant their malware on victim’s devices.

(Read more…)

The post Pegasus spyware and how it exploited a WebP vulnerability appeared first on Malwarebytes Labs.

Read more

Update Chrome now! Google patches critical vulnerability being exploited in the wild

Categories: Exploits and vulnerabilities

Categories: News

Tags: Google

Tags: Chrome

Tags: CVE-2023-4863

Tags: WebP

Tags: buffer overflow

Tags: 116.0.5845.187/.188

Chrome users are being urged to patch a critical vulnerability for which an exploit is available.

(Read more…)

The post Update Chrome now! Google patches critical vulnerability being exploited in the wild appeared first on Malwarebytes Labs.

Read more

Two Apple issues added by CISA to its catalog of known exploited vulnerabilities

Categories: Exploits and vulnerabilities

Categories: News

Tags: Blastpass

Tags: citizenlab

Tags: pegasus

Tags: nso

Tags: cisa

Tags: apple

Tags: cve-2023-41064

Tags: cve-2023-41061

Tags: buffer overflow

CISA has added two recently discovered Apple vulnerabilities to its catalog of known exploited vulnerabilities.

(Read more…)

The post Two Apple issues added by CISA to its catalog of known exploited vulnerabilities appeared first on Malwarebytes Labs.

Read more

Windows 11 is showing its first signs of Rust

Categories: News

Tags: Windows 11

Tags: OS

Tags: operating system

Tags: programming language

Tags: rust

Tags: C

Tags: C++

Tags: kernel

Tags: buffer overflow

We take a look at the slow introduction of programming language Rust into the Windows 11 kernel in an effort to make it more memory safe.

(Read more…)

The post Windows 11 is showing its first signs of Rust appeared first on Malwarebytes Labs.

Read more

Explained: Fuzzing for security

Categories: Explained

Categories: News

Tags: Fuzzing

Tags: fuzz testing

Tags: memory leaks

Tags: runtime errors

Tags: race conditions

Tags: control flow error

Tags: memory allocation

Tags: buffer overflow

Fuzzing is an automated software testing method that uses a wide range of invalid and unexpected data as input to find flaws.

(Read more…)

The post Explained: Fuzzing for security appeared first on Malwarebytes Labs.

Read more

Update WhatsApp now: MP4 video bug exposes your messages

Credit to Author: Lisa Vaas| Date: Wed, 20 Nov 2019 12:33:18 +0000

A now-patched-hole could have allowed remote code execution that could have exposed files and messages. Update your WhatsApp now.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/jIBF0sl6Kuo” height=”1″ width=”1″ alt=””/>

Read more

Critical TLS flaw opens Exim servers to remote compromise

Credit to Author: John E Dunn| Date: Tue, 10 Sep 2019 10:06:43 +0000

A ‘critical’ security vulnerability has been discovered in the Exim mail server that requires admins’ urgent attention.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/2NLa6N1e3Bk” height=”1″ width=”1″ alt=””/>

Read more