13 Jul Cisco SD-WAN vManage impacted by unauthenticated REST API accessThe Cisco SD-WAN vManage management software is impacted by a flaw that allows an unauthenticated, remote attacker to gain read or limited write permissions to the configuration of the affected instance. […]
13 Jul Google Play will enforce business checks to curb malware submissionsGoogle is fighting back against the constant invasion of malware on Google Play by requiring all new developer accounts registering as an organization to provide a valid D-U-N-S number before submitting apps. […]
13 Jul Windows 11 23H2 coming this fall as a small enablement packageMicrosoft announced today that the upcoming Windows 11, version 23H2, will be available in the fourth quarter of 2023 as an enablement package since it shares Windows 11 22H2’s code base and servicing branch. […]
13 Jul Fake Linux vulnerability exploit drops data-stealing malwareCybersecurity researchers and threat actors are targeted by a fake proof of concept (PoC) CVE-2023-35829 exploit that installs a Linux password-stealing malware. […]
13 Jul Zimbra urges admins to manually fix zero-day exploited in attacksZimbra urged admins today to manually fix a zero-day vulnerability actively exploited to target and compromise Zimbra Collaboration Suite (ZCS) email servers. […]
12 Jul New PyLoose Linux malware mines crypto directly from memoryA new fileless malware named PyLoose has been targeting cloud workloads to hijack their computational resources for Monero cryptocurrency mining. […]
12 Jul Apple re-releases zero-day patch after fixing browsing issueApple fixed and re-released emergency security updates addressing a WebKit zero-day vulnerability exploited in attacks. The initial patches had to be withdrawn on Monday due to browsing issues on certain websites. […]
12 Jul SonicWall warns admins to patch critical auth bypass bugs immediatelySonicWall warned customers today to urgently patch multiple critical vulnerabilities impacting the company’s Global Management System (GMS) firewall management and Analytics network reporting engine software suites. […]
12 Jul Russian state hackers lure Western diplomats with BMW car adsThe Russian state-sponsored hacking group ‘APT29’ (aka Nobelium, Cloaked Ursa) has been using unconventional lures like car listings to entice diplomats in Ukraine to click on malicious links that deliver malware. […]
12 Jul New Windows 11 build ships with more Rust-based Kernel featuresMicrosoft announced that the latest Windows 11 build shipping to Insiders in the Canary channel comes with additional Windows Kernel components rewritten in the memory safety-focused Rust programming language. […]