Microsoft pushes fixes for 128 security bugs in June, 2020 Patch Tuesday

Credit to Author: SophosLabs Offensive Security| Date: Tue, 09 Jun 2020 17:01:17 +0000

In this month&#8217;s Patch Tuesday, a total of 128 security vulnerabilities have been patched in Microsoft products, a slight increase compared to the last few months. Only twelve of the vulnerabilities are rated &#8220;Critical.&#8221; None of the bugs have been found being exploited in the wild (yet). Preceding this month&#8217;s update was a fix for [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/02N0ToRkzv0″ height=”1″ width=”1″ alt=””/>

Read more

How CVSS works: characterizing and scoring vulnerabilities

Credit to Author: Eddie Segal| Date: Wed, 13 May 2020 15:30:00 +0000

CVSS, or Common Vulnerability Scoring System, provides developers, testers, and security professionals with a standardized process to assess vulnerabilities.

Categories:

Tags:

(Read more…)

The post How CVSS works: characterizing and scoring vulnerabilities appeared first on Malwarebytes Labs.

Read more

iOS Mail bug allows remote zero-click attacks

Credit to Author: Thomas Reed| Date: Wed, 22 Apr 2020 17:54:33 +0000

A newly-discovered vulnerability in iOS Mail can be used to attack an iPhone remotely using a malicious e-mail message, even if you’re running the latest version of iOS (13.4.1).

Categories:

Tags:

(Read more…)

The post iOS Mail bug allows remote zero-click attacks appeared first on Malwarebytes Labs.

Read more

Microsoft delivers fixes for 110 bugs in April, 2020 Patch Tuesday

Credit to Author: SophosLabs Offensive Security| Date: Tue, 14 Apr 2020 17:43:55 +0000

For the April edition of Patch Tuesday, Microsoft repaired a total of 110 security vulnerabilities across their product line. Included in this count are 37 remote code execution bugs, and 33 elevation of privilege bugs. The company rated eighteen of the vulnerabilities &#8220;Critical.&#8221; This release&#8217;s most notable item is the follow-up to last month&#8217;s announcement, [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/nZFcJpOgF1I” height=”1″ width=”1″ alt=””/>

Read more

HorseDeal Riding on The Curveball!

Credit to Author: Jayesh kulkarni| Date: Wed, 05 Feb 2020 06:17:49 +0000

It’s surprising to see how quickly attackers make use of new vulnerabilities in malware campaigns. Microsoft recently patched a very interesting vulnerability in their monthly Patch Tuesday update for January 2020. It’s a spoofing vulnerability in Windows CryptoAPI (Crypt32.dll) validation mechanism for Elliptic Curve Cryptography (ECC) certificates. An attacker could…

Read more

January 2020 Patch Tuesday delivers fixes for 50 bugs

Credit to Author: SophosLabs Offensive Security| Date: Tue, 14 Jan 2020 18:15:18 +0000

This month’s big security news from Microsoft is the end of support for Windows 7, and a patch of a cryptographic library<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/wiyw9sHJyLE” height=”1″ width=”1″ alt=””/>

Read more

Have you updated your browser yet? Severe Chrome Zero-day vulnerability getting actively exploited

Credit to Author: Sushmita Kalashikar| Date: Mon, 04 Nov 2019 10:40:59 +0000

Attention! Are you using Chrome as your web browsing software on your Windows, Linux and Mac? High time you update your browser!! That’s right. With Google recently releasing Chrome version 78.0.3904.87 for Windows, Mac, and Linux, there come’s an urgent warning, requesting billions of users to update their software immediately. The warning comes after…

Read more

A week in security (October 14 – 20)

Credit to Author: Malwarebytes Labs| Date: Mon, 21 Oct 2019 15:45:45 +0000

Cybersecurity news for October 14 – 20, including the future of the password, the lingering threat of ransomware, and new security features from Instagram.

Categories:

Tags:

(Read more…)

The post A week in security (October 14 – 20) appeared first on Malwarebytes Labs.

Read more