vulnerability – Page 29 – PossibleThreat Articles

Google announces zero-day in Chrome browser – update now!

February 15, 2022 0 Comments chrome, chromium, cve-2022-0609, Google, Google Chrome, Microsoft Edge, vulnerability, zero day

Credit to Author: Paul Ducklin| Date: Tue, 15 Feb 2022 16:17:45 +0000

Zero-day buses: none for a while, then three at once. Here’s Google joining Apple and Adobe in “zero-day week”

Security Sophos

Adobe fixes zero-day exploit in e-commerce code: update now!

February 14, 2022 0 Comments Adobe, cve-2022-24086, Exploit, vulnerability, zero day

Credit to Author: Paul Ducklin| Date: Mon, 14 Feb 2022 22:38:58 +0000

There’s a remote code execution hole in Adobe e-commerce products – and cybercrooks are already exploiting it.

Security Sophos

Power company pays out $3 trillion compensation to astonished customer

February 14, 2022 0 Comments numeric overflow, overpayment, vulnerability

Credit to Author: Paul Ducklin| Date: Mon, 14 Feb 2022 14:58:55 +0000

More money than the UK’s economy produces in a year!

Security Sophos

Apple zero-day drama for Macs, iPhones and iPads – patch now!

February 11, 2022 0 Comments Apple, cve-2022-22620, iOS, iPad, iPhone, MacOS, OS X, vulnerability

Credit to Author: Paul Ducklin| Date: Fri, 11 Feb 2022 14:25:40 +0000

Sudden update! Zero-day browser hole! Drive-by malware danger! Patch Apple laptops and phones now…

Security Sophos

Microsoft blocks web installation of its own App Installer files

February 7, 2022 0 Comments app bundle, app installer, cve-2021-43890, malware, msix, phishing, vulnerability, Windows

Credit to Author: Paul Ducklin| Date: Mon, 07 Feb 2022 16:36:25 +0000

It’s a big deal when a vendor decides to block one of its own “features” for security reasons. Here’s why we think it’s a good idea.

QuickHeal Security

CVE-2021-44228: New Apache Log4j ‘Log4Shell’ Zero-Day Being Exploited in the Wild

February 2, 2022 0 Comments #log4 shell, #zeroday, apache, cybersecurity, log4j, vulnerability

Credit to Author: Quickheal| Date: Wed, 15 Dec 2021 10:34:59 +0000

A critical zero-day vulnerability (CVE-2021-44228) recently discovered Apache Log4J, the popular java open source logging library used in…

The post CVE-2021-44228: New Apache Log4j ‘Log4Shell’ Zero-Day Being Exploited in the Wild appeared first on Quick Heal Blog | Latest computer security news, tips, and advice.

Security Sophos

Log4Shell: How the Attackers’ Faces Have Changed Over Time

February 2, 2022 0 Comments Exploit, featured, log4j, log4shell, security operations, threat research, vulnerability

Credit to Author: Chester Wisniewski| Date: Wed, 02 Feb 2022 09:34:16 +0000

Following an article on January 24, 2022 of Log4Shell scanning and attack detections since the bug was reported, Sophos addresses reader questions about who’s behind it all

Security Sophos

Log4Shell: No Mass Abuse, But No Respite, What Happened?

February 2, 2022 0 Comments Exploit, featured, log4j, log4shell, mtr, security operations, threat research, vulnerability

Credit to Author: Chester Wisniewski| Date: Mon, 24 Jan 2022 17:52:07 +0000

Sophos reviews the scanning and attack detections for Log4Shell to see what’s really going on

Security Sophos

Elementor WordPress plugin has a gaping security hole – update now

February 2, 2022 0 Comments vulnerability

Credit to Author: Paul Ducklin| Date: Wed, 02 Feb 2022 17:11:55 +0000

We shouldn’t need to say, “Check your inputs!” these days, but we’re saying it anyway.

Security Sophos

Linux kernel patches “performance can be harmful” bug in video driver

February 2, 2022 0 Comments cve-2022-0330, data loss, drm/i915, Linux, vulnerability

Credit to Author: Paul Ducklin| Date: Tue, 01 Feb 2022 19:59:08 +0000

This bug is fiendishly hard to exploit – but if you patch, it won’t be there to exploit at all.