Internet Security

December 2022 Patch Tuesday fixed 2 zero-day flaws

December 14, 2022 add comment
Microsoft released December 2022 Patch Tuesday security updates that fix 52 vulnerabilities across its products. Microsoft December 2022 Patch Tuesday security updates addressed 52 vulnerabilities in Microsoft Windows and Windows Components; Azure;... Read more »

Apple fixed the tenth actively exploited zero-day this year

December 14, 2022 add comment
Apple rolled out security updates to iOS, iPadOS, macOS, tvOS, and Safari to fix a new actively exploited zero-day (CVE-2022-42856). Apple released security updates to address a new zero-day... Read more »

3.5m IP cameras exposed, with US in the lead

December 14, 2022 add comment
The number of internet-facing cameras in the world is growing exponentially. Some of the most popular brands don’t enforce a strong password policy, meaning anyone can peer into their... Read more »

VMware fixed critical VM Escape bug demonstrated at Geekpwn hacking contest

December 14, 2022 add comment
VMware fixed three flaws in multiple products, including a virtual machine escape issue exploited at the GeekPwn 2022 hacking competition. VMware addressed three vulnerabilities in multiple products, including a... Read more »

Citrix and NSA urge admins to fix actively exploited zero-day in Citrix ADC and Gateway

December 13, 2022 add comment
Citrix urges customers to update their installs to fix actively exploited zero-day (CVE-2022-27518) in Citrix ADC and Gateway. Citrix urges administrators to apply security updates for a zero-day vulnerability,... Read more »

Lockbit ransomware gang hacked California Department of Finance

December 13, 2022 add comment
LockBit ransomware gang hacked the California Department of Finance and threatens to leak data stolen from its systems. The LockBit ransomware gang claims to have stolen 76Gb from the... Read more »

Experts detailed a previously undetected VMware ESXi backdoor

December 13, 2022 add comment
A new Python backdoor is targeting VMware ESXi servers, allowing attackers to take over compromised systems. Juniper Networks researchers spotted a previously undocumented Python backdoor targeting VMware ESXi servers.... Read more »

Twitter says recently leaked user data are from 2021 breach

December 13, 2022 add comment
Twitter confirmed that the recent leak of members’ profile information resulted from the 2021 data breach disclosed in August 2022. Twitter confirmed that the recent data leak of millions... Read more »

Fortinet urges customers to fix actively exploited FortiOS SSL-VPN bug

December 12, 2022 add comment
Fortinet fixed an actively exploited FortiOS SSL-VPN flaw that could allow a remote, unauthenticated attacker to execute arbitrary code on devices. Fortinet urges customers to update their installs to address... Read more »

Indian foreign ministry’s Global Pravasi Rishta portal leaks expat passport details

December 12, 2022 add comment
The Cybernews research team reported that India’s government platform Global Pravasi Rishta Portal was leaking sensitive user data. Original post @ https://cybernews.com/security/indias-foreign-ministry-leaks-passport-details/ The Global Pravasi Rishta Portal, India’s government... Read more »
Subscribe to our Newsletter