In createBluetoothDeviceSlice of ConnectedDevicesSliceProvider.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-185190688
A flaw was found in the Linux kernels implementation of audit rules, where a syscall can unexpectedly not be correctly not be logged by the audit subsystem
Grading system hack causes potentially historic breach of students’ personal data
Alexandre Bartel discovered that DOSBox incorrectly handled
long lines in certain files. An attacker could possibly use
this issue to execute arbitrary code. (CVE-2019-7165)
Alexandre Bartel discovered that DOSBox incorrectly performed
access control over certain directories. An attacker could
possibly use this issue to execute arbitrary code.
(CVE-2019-12594)
Out of caution and in line with best practice, Tenable has opted to upgrade OpenSSL to address the potential impact of the issue. Nessus 8.15.4 and Nessus 10.1.2 update OpenSSL to version 1.1.1n to address the identified vulnerability.
Danilo Ramos discovered that zlib incorrectly handled memory when
performing certain deflating operations. An attacker could use this issue
to cause zlib to crash, resulting in a denial of service, or possibly
execute arbitrary code.
Day 1 will include a talk from Major General Tom Copinger-Symes CBE, director of strategy and military digitisation with UK Strategic Command
Palo Alto Networks has launched a new, fully managed “next-generation” firewall (NGFW) service in partnership with Amazon Web Services designed to remove the complexities of securing AWS cloud deployments. The network firewall vendor says its Cloud NGFW for AWS enables organizations to speed up cloud innovation while remaining secure.
In a press release announcing the new service, Palo Alto Networks says it has recognized that its customers need to dedicate time and resources to building applications and running their businesses instead of managing cloud network security infrastructure. Cloud NGFW for AWS therefore shifts operational responsibility for deployment, maintenance, availability, and scale to the security vendor. “A key reason that companies have embraced the cloud is that they want to concentrate on their core competencies and leave other tasks like infrastructure and underlying services to experts like AWS,” says Anand Oswal, senior vice-president, network security at Palo Alto Networks. “As cyberattacks continue to grow in frequency and sophistication, organizations are looking for network security that is as easy to deploy as other native AWS services.”
The malicious uses of these technologies are scary:
Police reportedly arrived on the scene last week and found the man crouched beside the woman’s passenger side door. According to the police, the man had, at some point, wrapped his Apple Watch across the spokes of the woman’s passenger side front car wheel and then used the Watch to track her movements. When police eventually confronted him, he admitted the Watch was his. Now, he’s reportedly being charged with attaching an electronic tracking device to the woman’s vehicle.
Around two in five businesses experienced breaches or cyber-attacks in the past 12 months
