Dangerous Android phone 0-day bugs revealed – patch or work around them now!
Despite its usually inflexible 0-day disclosure policy, Google is keeping four mobile modem bugs semi-secret due to likely ease of exploitation.
Continue ReadingCategory: Patches
S3 Ep107: Eight months to kick out the crooks and you think that’s GOOD? [Audio + Text]
Listen now – latest episode – audio plus full transcript
Continue ReadingExtra, Extra, VERT Reads All About It: Cybersecurity News for the Week of April 25, 2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of April 25, 2022. I’ve also included some comments on these stories. Homeland Security bug bounty program uncovers 122 holes […]
Continue ReadingS3 Ep77: Bugs, busts and old-school PDP-11 hacking [Podcast]
Latest episode – listen now! Cybersecurity news and advice in plain English.
Continue ReadingGamers update! Nvidia patches GPU driver kernel escalation bugs
Patch early, patch often. Here’s why it’s worth it. Source: Naked Security Sophos New feed
Continue ReadingSloppy patches are a breeding ground for zero-day exploits, says Google
Security researchers at Google have claimed that a quarter of all zero-day software exploits could have been avoided if more effort had been made by vendors when creating patches for vulnerabilities in their software. In a blog post, Maddie Stone of Google’s Project Zero team says that 25% of the zero-day exploits detected in 2020 […]
Continue ReadingAdobe Fixes 16 Critical Code-Execution Bugs Across Portfolio
The out-of-band patches follow a lighter-than-usual Patch Tuesday update earlier this month. Source: Threatpost.com Adobe Fixes 16 Critical Code-Execution Bugs Across Portfolio
Continue ReadingOctober Patch Tuesday: Microsoft Patches Critical, Wormable RCE Bug
There were 11 critical bugs and six that were unpatched but publicly known in this month’s regularly scheduled Microsoft updates. Source: Threatpost.com October Patch Tuesday: Microsoft Patches Critical, Wormable RCE Bug
Continue ReadingCisco Fixes High-Severity Webex, Security Camera Flaws
Three high-severity flaws exist in Cisco’s Webex video conferencing system, Cisco’s Video Surveillance 8000 Series IP Cameras and Identity Services Engine. Source: Threatpost.com Cisco Fixes High-Severity Webex, Security Camera Flaws
Continue ReadingGoogle’s Chrome 86: Critical Payments Bug, Password Checker Among Security Notables
Google is rolling out 35 security fixes, and a new password feature, in Chrome 86 versions for Windows, Mac, Android and iOS users. Source: Threatpost.com Google’s Chrome 86: Critical Payments Bug, Password Checker Among Security Notables
Continue Reading