vulnerability – Page 2 – PossibleThreat Articles

Zero-day vulnerabilities represent an imminent threat to cybersecurity, and in this case, two such vulnerabilities, CVE-2023-38831 and CVE-2023-40477,…

The post THREAT ADVISORY: Zero-Day Vulnerabilities Detected on WinRAR appeared first on Quick Heal Blog.

Security Sophos

S3 Ep149: How many cryptographers does it take to change a light bulb?

August 24, 2023 0 Comments Cybercrime, data loss, Hacking, IoT, Naked Security Podcast, Podcast, Privacy, tp-link, vulnerability, winrar

Credit to Author: Paul Ducklin| Date: Thu, 24 Aug 2023 18:50:02 +0000

Latest episode – listen now! Full transcript inside…

Security Sophos

Smart light bulbs could give away your password secrets

August 22, 2023 0 Comments Cryptography, tapo, tp-link, vulnerability

Credit to Author: Paul Ducklin| Date: Tue, 22 Aug 2023 17:56:44 +0000

Cryptography isn’t just about secrecy. You need to take care of authenticity (no imposters!) and integrity (no tampering!) as well.

MalwareBytes Security

Patch now! Citrix Sharefile joins the list of actively exploited file sharing software

August 18, 2023 0 Comments citrix, cve-2023-24489, Exploits and vulnerabilities, news, poc, rce, sharefile, unauthenticated, vulnerability

Categories: Exploits and vulnerabilities

Categories: News

Tags: Citrix

Tags: ShareFile

Tags: CVE-2023-24489

Tags: RCE

Tags: unauthenticated

Tags: vulnerability

Tags: PoC

Citrix ShareFile can be exploited remotely by unauthenticated attackers.

Security Sophos

Microsoft Patch Tuesday: 74 CVEs plus 2 “Exploit Detected” advisories

August 9, 2023 0 Comments Microsoft, Patch Tuesday, vulnerability, zero day

Credit to Author: Paul Ducklin| Date: Wed, 09 Aug 2023 18:34:44 +0000

74 CVEs, and two “Exploitation Detected” advisories, which are nearly but not quite the same as 0-days. Also, two potential Teams treacheries that you really want to fix.

Security Sophos

S3 Ep146: Tell us about that breach! (If you want to.)

August 3, 2023 0 Comments bwain, data leakage, data loss, firefox, Law & order, Naked Security Podcast, Podcast, sec, vulnerability

Credit to Author: Paul Ducklin| Date: Thu, 03 Aug 2023 17:56:25 +0000

Serious security stories explained clearly in plain English – listen now. (Full transcript available.)

Security Sophos

Performance and security clash yet again in “Collide+Power” attack

August 2, 2023 0 Comments amd, collide+power, cve-2023-20538, data loss, Intel, vulnerability

Credit to Author: Paul Ducklin| Date: Wed, 02 Aug 2023 23:36:23 +0000

It’s a real vulnerability, but the data leakage rate can be as low as… let’s just say that an IMAX-quality copy of the new “Oppenheimer” movie could take you 4 billion years to exfiltrate.

MalwareBytes Security

Minecraft fans beware: Players and servers at risk from BleedingPipe vulnerability

August 2, 2023 0 Comments bleedingpipe, forge, malware, minecraft, mod, personal, players, rce, vulnerability

Categories: Personal

Tags: Minecraft

Tags: mod

Tags: forge

Tags: players

Tags: vulnerability

Tags: RCE

Tags: bleedingpipe

Tags: malware

Minecraft players interested in modding are at risk from a remote code execution vulnerability targeting both players and servers.

Security Sophos

Firefox fixes a flurry of flaws in the first of two releases this month

August 1, 2023 0 Comments firefox, Mozilla, security fix, vulnerability

Credit to Author: Paul Ducklin| Date: Tue, 01 Aug 2023 17:28:38 +0000

No zero-days, but some interesting patches with their very own “teachable moments”.