Flaw in macOS Archive Utility let attackers bypass Gatekeeper
One of the best reasons to keep macOS up to date is protecting yourself against security issues — and Jamf found a big one in the summer of 2022 that allowed attackers to bypass macOS Gatekeeper.macOS Archive UtilityJamf Threat Labs found the vulne.....»»
Adobe Acrobat Reader has a serious security flaw — so patch now
A bug allows threat actors to launch malicious code on Acrobat Reader remotely, and it's already being used in the wild......»»
Google Search will now show you archived web pages
It looks like Google Search will make it easier for you to find archived web pages, thanks to the Internet Archive’s Wayback Machine. The post Google Search will now show you archived web pages appeared first on Phandroid. Web pages, for.....»»
Google Search has a new way of preserving internet history
Google has started adding Internet Archive links to search results so people can view older versions of websites......»»
Ivanti fixes critical vulnerabilities in Endpoint Management (CVE-2024-29847)
Ivanti has fixed a slew of vulnerabilities affecting its Endpoint Manager solution, including a maximum severity one (CVE-2024-29847) that may allow unauthenticated attackers to remotely execute code in the context of the vulnerable system, and use i.....»»
Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes
September 2024 Patch Tuesday is here and Microsoft has delivered 79 fixes, including those for a handful of zero-days (CVE-2024-38217, CVE-2024-38226, CVE-2024-38014, CVE-2024-43461) exploited by attackers in the wild, and a Windows 10 code defect (C.....»»
Zyxel fixes critical command injection flaw in EOL NAS devices (CVE-2024-6342)
Users of Zyxel network-attached storage (NAS) devices are urged to implement hotfixes addressing a critical and easily exploited command injection vulnerability (CVE-2024-6342). About CVE-2024-6342 Zyxel NAS devices are generally used by small to med.....»»
Veeam Backup & Replication RCE flaw may soon be leveraged by ransomware gangs (CVE-2024-40711)
CVE-2024-40711, a critical vulnerability affecting Veeam Backup & Replication (VBR), could soon be exploited by attackers to steal enterprise data. Discovered and reported by Code WHite researcher Florian Hauser, the vulnerability can be leveraged fo.....»»
Apple will release iOS 18, macOS 15, iPadOS 18, other updates on September 16
Apple Intelligence won’t be part of the initial launch. Enlarge (credit: Apple) Apple plans to release the next versions of iOS, iPadOS, macOS, and watchOS to the general public on September 16, the company announced v.....»»
Phishing in focus: Disinformation, election and identity fraud
The frequency of phishing attacks is rising as attackers increasingly utilize AI to execute more scams than ever before. In this Help Net Security video, Abhilash Garimella, Head Of Research at Bolster, discusses how phishing scams are now being host.....»»
Apache OFBiz team patches critical RCE vulnerability (CVE-2024-45195)
For the fourth time in the last five months, Apache OFBiz users have been advised to upgrade their installations to fix a critical flaw (CVE-2024-45195) that could lead to unauthenticated remote code execution. About CVE-2024-45195 Apache OFBiz is an.....»»
Respotter: Open-source Responder honeypot
Respotter is an open-source honeypot designed to detect attackers when they launch Responder within your environment. This application identifies active instances of Responder by exploiting its behavior when responding to any DNS query. Respotter lev.....»»
WhatsApp will soon discontinue its old Electron app for macOS
WhatsApp last year launched a new version of its macOS app that was completely rebuilt from scratch. Although users could still use the old Electron-based WhatsApp, Meta has now confirmed that it will soon be discontinued and shut down. more….....»»
Internet Archive’s e-book lending is not fair use, appeals court rules
Publishers prevail despite lack of proof of market harm. Enlarge (credit: tunart | iStock / Getty Images Plus) The Internet Archive has lost its appeal after book publishers successfully sued to block the Open Libraries.....»»
Vulnerability allows Yubico security keys to be cloned
Researchers have unearthed a cryptographic vulnerability in popular Yubico (FIDO) hardware security keys and modules that may allow attackers to clone the devices. But the news is not as catastrophic as it may seem at first glance. “The attacke.....»»
Security Bite: Apple addresses privacy concerns around Notification Center database in macOS Sequoia (Update)
9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art App.....»»
Apple @ Work Podcast: The future of identity on macOS at work
Apple @ Work is exclusively brought to you by Mosyle, the only Apple Unified Platform. Mosyle is the only solution that integrates in a single professional-grade platform all the solutions necessary to seamlessly and automatically deploy, manage & p.....»»
Critical flaw in Zyxel’s secure routers allows OS command execution via cookie (CVE-2024-7261)
Zyxel has patched a myriad of vulnerabilities in its various networking devices, including a critical one (CVE-2024-7261) that may allow unauthenticated attackers to execute OS commands on many Zyxel access points (APs) and security routers by sendin.....»»
Research exposes how repeated information warps our decisions
Imagine the decisions you make every day, such as what to buy, who to trust, or who to vote for, are heavily influenced by a simple yet powerful flaw in your reasoning. Economists at the University of Surrey argue that people are systematically decei.....»»
A macro look at the most pressing cybersecurity risks
Forescout’s 2024H1 Threat Review is a new report that reviews the current state of vulnerabilities, threat actors, and ransomware attacks in the first half of 2024 and compares them to H1 2023. “Attackers are looking for any weak point to bre.....»»
iOS 18.1 beta 3 expands Apple Intelligence notification summaries beyond Messages and Mail
Today Apple released beta 3 for iOS 18.1, iPadOS 18.1, and macOS Sequoia 15.1. These updates include some key new Apple Intelligence capabilities not available in previous betas. One such addition brings an expansion of what may be the killer Apple I.....»»