Update your iPhone – remote control holes revealed by researchers

Credit to Author: Paul Ducklin| Date: Thu, 08 Aug 2019 14:01:41 +0000

You might not think your phone is as exposed as an internet server – but it’s handling plenty of untrusted data from unknown sources!<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/Ri0849b3RDo” height=”1″ width=”1″ alt=””/>

Read more

A case study in industry collaboration: Poisoned RDP vulnerability disclosure and response

Credit to Author: Eric Avena| Date: Wed, 07 Aug 2019 23:50:25 +0000

Through a cross-company, cross-continent collaboration, we discovered a vulnerability, secured customers, and developed fix, all while learning important lessons that we can share with the industry.

The post A case study in industry collaboration: Poisoned RDP vulnerability disclosure and response appeared first on Microsoft Security.

Read more

BlueKeep guides make imminent public exploit more likely

Credit to Author: Danny Bradbury| Date: Fri, 26 Jul 2019 11:40:12 +0000

A public exploit for Microsoft’s BlueKeep vulnerability is just days away. In fact, for those with deep pockets, it’s already here.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/ECYOzBCkJ4g” height=”1″ width=”1″ alt=””/>

Read more

A new Equation Editor exploit goes commercial, as maldoc attacks using it spike

Credit to Author: Gabor Szappanos| Date: Thu, 18 Jul 2019 16:00:18 +0000

Weaponized RTF documents adopt CVE-2018-0798, another Equation Editor vulnerability<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/ltjXsAajVFc” height=”1″ width=”1″ alt=””/>

Read more

CVE-2019-0888: Use-After-Free in Windows ActiveX Data Objects (ADO)

Credit to Author: SophosLabs Offensive Security| Date: Tue, 09 Jul 2019 14:00:58 +0000

Details of the vulnerability we reported to Microsoft and was fixed in last month’s Patch Tuesday<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/-BE2g_tELic” height=”1″ width=”1″ alt=””/>

Read more