Serious vulnerabilities in Matrix’s end-to-end encryption have been patched
Previously overlooked flaws allow malicious homeservers to decrypt and spoof messages. Enlarge (credit: matrix.org) Developers of the open source Matrix messenger protocol released an update on Wednesday to fix critical end-to.....»»
Systems used by courts and governments across the US riddled with vulnerabilities
With hundreds of courts and agencies affected, chances are one near you is, too. Enlarge (credit: Getty Images) Public records systems that courts and governments rely on to manage voter registrations and legal filings h.....»»
CUPS vulnerabilities affecting Linux, Unix systems can lead to RCE
After much hyping and following prematurely leaked information by a third party, security researcher Simone Margaritelli has released details about four zero-day vulnerabilities in the Common UNIX Printing System (CUPS) that can be abused by remote,.....»»
The number of Android memory safety vulnerabilities has tumbled, and here’s why
Google’s decision to write new code into Android’s codebase in Rust, a memory-safe programming language, has resulted in a significant drop in memory safety vulnerabilities, despite old code (written in C/C++) not having been rewritten. T.....»»
Cloudflare helps secure popular messaging applications
Cloudflare announced a new service to verify the integrity of public keys in the end-to-end encryption of popular messaging applications. When using end-to-end encryption messaging applications, a public-private key exchange encrypts messages to prot.....»»
Evaluating embedded vulnerabilities and cybersecurity risks in procurement
Evaluating embedded vulnerabilities and cybersecurity risks in procurement.....»»
Week in review: Critical VMware vCenter Server bugs fixed, Apple releases iOS 18
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Critical VMware vCenter Server bugs fixed (CVE-2024-38812) Broadcom has released fixes for two vulnerabilities affecting VMware vCenter Server that.....»»
Arc Browser had a ‘serious’ security vulnerability last month, now patched
Back in late August, The Browser Company – the company behind the popular Mac browser Arc, became aware of a serious security vulnerability in the browser, one that could allow for remote code execution on other users computer with no direct intera.....»»
Apache HugeGraph-Server flaw actively exploited, CISA warns
The vulnerability has been patched months ago, but now federal agencies have a deadline to patch......»»
Google working on RCS encryption between Android and iPhone
With RCS rolling out on the iPhone yesterday, Google is looking ahead on new features including cross-platform end-to-end encryption (E2EE) between Android and iPhone. more….....»»
Discord end-to-end encryption rolling out today for audio and video calls
Discord end-to-end encryption (E2EE) is rolling out today for both audio and video calls. You can update to the latest mobile and desktop apps to get access to the privacy protection today. There are, however, some exceptions to strong encryption,.....»»
RCS messages between Android and iPhone is about to get more secure
It looks like Google is working to bring end-to-end encryption for RCS messages sent between Android and iPhone devices. The post RCS messages between Android and iPhone is about to get more secure appeared first on Phandroid. For the long.....»»
Discord is FINALLY adding support for encryption
It seems that after years, Discord is finally adding support for end-to-end encryption for audio and video calls. The post Discord is FINALLY adding support for encryption appeared first on Phandroid. End-to-end encryption is something pre.....»»
Critical VMware vCenter Server bugs fixed (CVE-2024-38812)
Broadcom has released fixes for two vulnerabilities affecting VMware vCenter Server that can be triggered by sending a specially crafted network packet, and could lead to remote code execution (CVE-2024-38812) or privilege escalation (CVE-2024-38813).....»»
Today’s release of macOS Sequoia brings 70+ new security fixes
macOS Sequoia has officially launched with new features and improvements such as window tiling, iPhone Mirroring, the new Password app, and more. But under the hood, Apple delivered a staggering amount of patched bugs/vulnerabilities to Mac users. Th.....»»
Sourcepoint helps companies mitigate vulnerabilities across various privacy regulations
Sourcepoint announced significant enhancements to its compliance monitoring suite. These solutions are designed to help companies navigate the increasingly complex landscape of digital privacy laws and mitigate risks associated with the growing trend.....»»
Trends and dangers in open-source software dependencies
A C-suite perspective on potential vulnerabilities within open-source dependencies or software packages reveals that, while remediation costs for dependency risks are perilously high, function-level reachability analysis still offers the best value i.....»»
Dual-feedback mechanism can enhance anti-oxidation coatings in fiber composites
Fiber-reinforced ceramic matrix composites (CMCs) have been the primary choice for radome materials in hypersonic vehicles due to their high toughness, strength, and other advantageous properties. However, oxidation by oxygen in the atmospheric envir.....»»
As quantum computing threats loom, Microsoft updates its core crypto library
Two algorithms added so far, two more planned in the coming months. Enlarge (credit: Getty Images) Microsoft has updated a key cryptographic library with two new encryption algorithms designed to withstand attacks from q.....»»
Ivanti fixes critical vulnerabilities in Endpoint Management (CVE-2024-29847)
Ivanti has fixed a slew of vulnerabilities affecting its Endpoint Manager solution, including a maximum severity one (CVE-2024-29847) that may allow unauthenticated attackers to remotely execute code in the context of the vulnerable system, and use i.....»»
Tenable AI Aware provides exposure insight into AI applications, libraries and plugins
Tenable released AI Aware, advanced detection capabilities designed to surface artificial intelligence solutions, vulnerabilities and weaknesses available in Tenable Vulnerability Management. Tenable AI Aware provides exposure insight into AI applica.....»»