September 2022 - Page 40 of 83 - Cyber Security News

ZDI-22-1284: Microsoft Windows DirectX Graphics Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code...

September 19, 2022

Advisories

ZDI-22-1285: Microsoft Windows Group Policy Preference Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. This vulnerability is dependent upon a Group Policy setting, and an...

September 19, 2022

Advisories

ZDI-22-1286: Microsoft PowerPoint PPTX File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft PowerPoint. User interaction is required to exploit this vulnerability in that...

September 19, 2022

Advisories

ZDI-22-1287: Microsoft Office Visio EMF File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Visio. User interaction is required to exploit this vulnerability in...

September 19, 2022

Advisories

webkitgtk-2.38.0-1.fc37

FEDORA-2022-4f12baa610 Packages in this update: webkitgtk-2.38.0-1.fc37 Update description: Update to 2.38.0 Security fixes: CVE-2022-32886 Read More

September 17, 2022

News

New Spear Phish Methodology Relies on PuTTY SSH Client to Infect Systems

It tried to trick victims into clicking on malicious files as part of a fake Amazon job assessment Read More

September 17, 2022

News

CISA Expands Vulnerabilities Catalog With Old, Exploited Flaws

Four of the CVEs posted are from 2013, and one is from 2010 Read More

September 17, 2022

Advisories

DSA-5231 connman – security update

Several vulnerabilities were discovered in ConnMan, a network manager for embedded devices, which could result in denial of service or the execution of arbitrary code....

September 17, 2022

Advisories

FEDORA-2022-ece798a8d4 Packages in this update: webkit2gtk3-2.38.0-2.fc35 Update description: New media controls UI style. Add new API to set WebView’s Content-Security-Policy for web extensions support. Make...

September 16, 2022

Advisories

webkit2gtk3-2.38.0-2.fc36

FEDORA-2022-a77b646471 Packages in this update: webkit2gtk3-2.38.0-2.fc36 Update description: New media controls UI style. Add new API to set WebView’s Content-Security-Policy for web extensions support. Make...

September 16, 2022

Friday Squid Blogging: Cotton-and-Squid-Bone Sponge

Apps That Are Spying on Your Location

Cybercriminals Use Fake CrowdStrike Job Offers to Distribute Cryptominer

Slovakia Hit by Historic Cyber-Attack on Land Registry

Canadian man loses a cryptocurrency fortune to scammers – here’s how you can stop it happening to you

Medusind Breach Exposes Sensitive Patient Data

Fake PoC Exploit Targets Security Researchers with Infostealer

Smashing Security podcast #399: Honey in hot water, and reset your devices

Space Bears ransomware: what you need to know

Month: September 2022

ZDI-22-1284: Microsoft Windows DirectX Graphics Use-After-Free Local Privilege Escalation Vulnerability

ZDI-22-1285: Microsoft Windows Group Policy Preference Link Following Local Privilege Escalation Vulnerability

ZDI-22-1286: Microsoft PowerPoint PPTX File Parsing Use-After-Free Remote Code Execution Vulnerability

ZDI-22-1287: Microsoft Office Visio EMF File Parsing Memory Corruption Remote Code Execution Vulnerability

webkitgtk-2.38.0-1.fc37

New Spear Phish Methodology Relies on PuTTY SSH Client to Infect Systems

CISA Expands Vulnerabilities Catalog With Old, Exploited Flaws

DSA-5231 connman – security update

webkit2gtk3-2.38.0-2.fc35

webkit2gtk3-2.38.0-2.fc36