August 2022 - Page 43 of 75 - Cyber Security News

Two teams of researchers have revealed vulnerabilities this week in Unified Extensible Firmware Interface (UEFI) implementations and bootloaders that could allow attackers to defeat the...

August 12, 2022

Advisories

CVE-2021-29118

An out-of-bounds read vulnerability exists when parsing a specially crafted file in Esri ArcReader 10.8.1 (and earlier) which allow an unauthenticated attacker to induce an...

August 12, 2022

Advisories

CVE-2021-29117

A use-after-free vulnerability when parsing a specially crafted file in Esri ArcReader 10.8.1 (and earlier) allows an unauthenticated attacker to achieve arbitrary code execution in...

August 12, 2022

Advisories

CVE-2021-29112

An out-of-bounds read vulnerability exists when parsing a specially crafted file in Esri ArcReader 10.8.1 (and earlier) which allow an unauthenticated attacker to induce an...

August 12, 2022

Palo Alto Networks Confirms New Zero-Day Being Exploited by Threat Actors

Bitfinex Hacker Jailed for Five Years Over Billion Dollar Crypto Heist

watchTowr Finds New Zero-Day Vulnerability in Fortinet Products

Good Essay on the History of Bad Password Policies

Ransomware Groups Use Cloud Services For Data Exfiltration

O2’s AI Granny Outsmarts Scam Callers with Knitting Tales

Safeguarding Healthcare Organizations from IoMT Risks

An Interview With the Target & Home Depot Hacker

Sitting Ducks DNS Attacks Put Global Domains at Risk

Month: August 2022

GLSA 202208-24: GNU C Library: Multiple Vulnerabilities

GLSA 202208-25: Chromium, Google Chrome, Microsoft Edge, QtWebEngine: Multiple Vulnerabilities

GLSA 202208-20: Apache HTTPD: Multiple Vulnerabilities

GLSA 202208-21: libebml: Heap buffer overflow vulnerability

GLSA 202208-22: xterm: Multiple Vulnerabilities

Friday Squid Blogging: SQUID Acronym for Making Conscious Choices

New exploits can bypass Secure Boot and modern UEFI security protections

CVE-2021-29118

CVE-2021-29117

CVE-2021-29112