vulnerabilitiesBand-aid on a… corpse: Microsoft patches IE — again
July Microsoft Patch Tuesday: a collection of exploited vulnerabilities.
vulnerabilities
168 articles
New hardware vulnerability in Intel processors
A brief, plain-language explanation of an advanced method of data theft using features of modern CPUs.
Internet Explorer is finally dead. Or is it?
In its February update, Microsoft buried Internet Explorer once and for all. Or did it? We investigate what really happened.
ChromeAnd now it’s Chrome needs updating!
Why you should update to the latest version of Google Chrome, Microsoft Edge, Opera, Yandex Browser, Vivaldi, Brave and other Chromium-based browsers.
iOSUpdate iOS and macOS right now — again!
Once again, very serious vulnerabilities have been found in Apple operating systems. Don’t delay updating to iOS 16.4.1 and macOS 13.3.1. Please note that updates are also available for iOS 15 and macOS 11 and 12.
CVE-2023-28252 zero-day vulnerability in CLFS
Kaspersky experts discover a CLFS vulnerability being exploited by cybercriminals.
SamsungRemote hacking of Samsung, Google and Vivo smartphones: the problem and the solution
Vulnerabilities found in the Exynos chipset allow Samsung, Vivo and Google smartphones to be remotely hacked if the owner’s phone number is known. How is this possible, and how to protect yourself?
Why you need to update iOS and macOS ASAP
You shouldn’t put off updating to iOS 16.3 and macOS Ventura 13.2 and future updates, and here’s why.
Major Android vulnerability goes unclosed for… almost six months!
One of the most curious and menacing bugs in Android smartphones, and the problems they had closing it.
Newly-discovered Signal vulnerabilities — how dangerous are they?
Researchers have found vulnerabilities in the desktop client of the Signal messenger. Let’s see how dangerous they really are.
tipsCybersecure Christmas
Many hacks have started during Christmas holidays. A few simple tips will reduce the chances of your company becoming the next victim.
Log4Shell a year on
A year after discovery, the Log4Shell vulnerability is still making itself felt.
The Long Road to Safe RAM Handling
We investigate the connection between software security and leaks when handling RAM.
Prices down, miners up
In 2022, cryptocurrency prices fell sharply, but malicious miners are more active than ever.
The consequences of a years-old SQLite vulnerability
An interesting bug in one of the most popular embedded DBMS.
The life and death of Adobe Flash
How a vector graphics editor helped create one of the internet’s most important technologies, and why it led to huge security risks.
Vulnerability in Zimbra exploiting ITW
Servers with the Zimbra Collaboration suit installed are being attacked via an archive unpacking tool.
Vulnerable updates in Cisco enterprise software
How even high-end solutions for business can have “childish” bugs in their update delivery systems.
The dangers of 15-year-old vulnerabilities
The developers of a run-of-the-mill Python module recently found out why old unpatched vulnerabilities can be dangerous.
Patches for 64 vulnerabilities in Microsoft products released
It’s time to update! Microsoft patches 64 vulnerabilities in a variety of products and components — from Windows and Office to Defender and Azure.
Weaponizing game code to attack a company
An unusual case of an attack executed by weaponizing legit video game code.