-
Three critical vulnerabilities and one zero-day feature in Microsoft's September Patch Tuesday
News Several issues in the monthly update require 'urgent' attention but September's Patch Tuesday only brings around half the fixes that came in August
News -
Apple patches yet another zero-day flaw in substantial security update
News The updates include fixes for kernel-level code execution bugs, privacy issues, and more - all impacting iPhone and iPad users
News -
Numerous HP business laptops and desktops vulnerable to publicly disclosed security bugs
News Researchers revealed the details of the six vulnerabilities at Black Hat in August but many laptops, desktops, and workstations remain vulnerable
News -
CISA warns against actively exploited Chrome and D-Link security flaws
News The agency has made it imperative for all FCEB agencies to patch their systems before September 29
News -
HP patches high-severity security flaw in its own support tool
News The application that's installed in every HP desktop and notebook was allowing hackers to elevate privileges through a DLL hijacking vulnerability
News -
'Vast majority' of mobile apps found leaking AWS credentials are on iOS
News Only 2% of the apps that were found to be leaking hard-coded AWS credentials were on the Android platform, research has shown
News -
US government set to outlaw leaky software in the military
News The 'secure-by-design' approach has been met broadly positively by experts and will aim to prevent high-profile security incidents
News -
Apple patches 'superpower' zero-days affecting iPhones, iPads, and Macs
News The RCE and kernel-level bugs may have been actively exploited and could give high-level privileges to attackers
News -
SpaceX bug bounty offers up to $25,000 per Starlink exploit
News The spacecraft manufacturer has offered white hats immunity to exploit a wide range of Starlink systems, with a dedicated report page
News -
Zoom patches privilege escalation flaw for macOS users
News Threat actors were able to use the application’s updater to distribute malicious files at superuser level
News -
Dogwalk RCE variant among 121 vulnerabilities fixed in Microsoft's August Patch Tuesday
News The second-biggest security update released by Microsoft this year featured 17 critical-rated RCEs and privilege escalation bugs
News -
Over 200,000 DrayTek routers vulnerable to total device takeover
News The routers are popular with small and medium businesses, but are easily exploitable by threat actors seeking to steal data or launch ransomware
News
