Apple issues emergency patches for spyware-style 0-day exploits – update now!
A bug to hack your browser, then a bug to pwn the kernel… reported from the wild by Amnesty International.
Cyber News, Cyber Threat Trends
- April 9, 2023
- April 9, 2023
Researchers Discover Critical Remote Code Execution Flaw in vm2 Sandbox Library
The maintainers of the vm2 JavaScript sandbox module have shipped a patch to address a critical flaw that could be abused to break out of security boundaries and execute arbitrary shellcode. The flaw, which affects all versions, including and prior to 3.9.14, was reported by researchers from South Korea-based KAIST WSP Lab on April 6, 2023, prompting vm2 to […]
Cyber News, Cyber Threat Trends
- April 9, 2023
Expert-Led Webinar: Learn Proven Strategies to Secure Your Identity Perimeter
The stakes are high when it comes to cybersecurity. No longer are we dealing with unskilled hackers trying to break into corporate systems with brute force. Today, cybercriminals are using highly sophisticated methods like social engineering, spear phishing, and BEC to target users directly and log in with valid credentials. This is why the identity […]
Cyber News, Cyber Threat Trends
- April 9, 2023
Apple Releases Updates to Address Zero-Day Flaws in iOS, iPadOS, macOS, and Safari
Apple on Friday released security updates for iOS, iPadOS, macOS, and Safari web browser to address a pair of zero-day flaws that are being exploited in the wild. The two vulnerabilities are as follows – CVE-2023-28205 – A use after free issue in WebKit that could lead to arbitrary code execution when processing specially crafted web content. CVE-2023-28206 – An out-of-bounds write issue in
Cyber News, Cyber Threat Trends
- April 9, 2023
Iran-Based Hackers Caught Carrying Out Destructive Attacks Under Ransomware Guise
The Iranian nation-state group known as MuddyWater has been observed carrying out destructive attacks on hybrid environments under the guise of a ransomware operation. That’s according to new findings from the Microsoft Threat Intelligence team, which discovered the threat actor targeting both on-premises and cloud infrastructures in partnership with another emerging activity cluster dubbed
Cyber News, Cyber Threat Trends
- April 9, 2023
Taiwanese PC Company MSI Falls Victim to Ransomware Attack
Taiwanese PC company MSI (short for Micro-Star International) officially confirmed it was the victim of a cyber attack on its systems. The company said it “promptly” initiated incident response and recovery measures after detecting “network anomalies.” It also said it alerted law enforcement agencies of the matter. That said, MSI did not disclose any specifics […]
Cyber News, Cyber Threat Trends
- April 9, 2023
Popular server-side JavaScript security sandbox “vm2” patches remote execution hole
The security error was in the error handling system that was supposed to catch potential security errors…
Cyber News, Cyber Threat TrendsFriday Squid Blogging: Squid Food Poisoning
University of Connecticut basketball player Jordan Hawkins claims to have suffered food poisoning from calamari the night before his NCAA finals game. The restaurant disagrees: On Sunday, a Mastro’s employee politely cast doubt on the idea that the restaurant might have caused the illness, citing its intense safety protocols. The staffer, who spoke on condition […]
Cyber News, Cyber Threat TrendsDDoS attacks rise as pro-Russia groups attack Finland, Israel
Two Russia-associated groups hit Israel and Finland with DDoS attacks, this week. Cybersecurity experts say the actions represent a marked increase in exploits and a harbinger of cyberattacks to come. The post DDoS attacks rise as pro-Russia groups attack Finland, Israel appeared first on TechRepublic.
Cyber News, Cyber Threat Trends