A group of five security vulnerabilities could lead to a range of bad outcomes for virtual-machine enthusiasts, including command execution and DoS.
Threatpost
Posts tagged "Critical"
BlackByte Tackles the SF 49ers & US Critical Infrastructure
Hours before the Super Bowl and two days after the FBI warned about the ransomware gang, BlackByte leaked what are purportedly the NFL team’s files.
Critical MQTT-Related Bugs Open Industrial Networks to RCE Via Moxa
A collection of five security vulnerabilities with a collective CVSS score of 10 out of 10 threaten critical infrastructure environments that use Moxa MXview.
No Critical Bugs for Microsoft February 2022 Patch Tuesday, 1 Zero-Day
This batch had zero critical CVEs, which is unheard of. Most (50) of the patches are labeled Important, so don’t delay to apply the patches, security experts said.
Critical Cisco Bugs Open VPN Routers to Cyberattacks
The company’s RV line of small-business routers contains 15 different security vulnerabilities that could enable everything from RCE to corporate network access and denial-of-service – and many have exploits circulating.
Fix for critical Safari bug out now: iPhone, iPad and Mac users should update immediately
Apple has rolled out new versions of its iOS, iPadOS and macOS operating systems, patching up a major security flaw in Safari across all of its devices.
This bug leaked users' Google data and browsing history that's stored within the browser, so if you're an Apple user, we recommend you update the operating system on your devices immediately.
The updates include iOS 15.3, iPadOS 15.3 and macOS Monterey 12.2, and while they don't add any new features other than “bug fixes and security updates”, they're still “recommended for all users”.
Apple has also released updates for Big Sur and Catalina (v11.6.3 and Catalina Security Update 2022-001 respectively) for anyone still on the older versions of macOS.
All patched up
Those aren't the only software updates released by Apple – watchOS 8.4, tvOS 15.3, and HomePod Software 15.3 have also been rolled out publicly.
The updated watchOS also fixes some bugs, particularly the issue that prevented some Apple Watch 7 users from properly charging their devices when using specific chargers.
Meanwhile, the latest HomePod update adds “performance and stability improvements” and Siri voice recognition for up to six users. It's worth noting that this particular update is region specific and applies to users speaking in English in India and in Italian.
As for the newly updated tvOS, Apple hasn't shared any details on what the latest version brings, but we can assume it's another round of performance improvements.
Linux Servers at Risk of RCE Due to Critical CWP Bugs
The two flaws in Control Web Panel – a popular web hosting management software used by 200K+ servers – allow code execution as root on Linux servers.
Dark Souls 3 Servers Shut Down Due to Critical RCE Bug
The bug can allow attackers to remotely execute code on gamers’ computers. The devs temporarily deactivated PvP servers across multiple affected versions.
Critical Cisco StarOS Bug Grants Root Access via Debug Mode
Cisco issued a critical fix for a flaw in its Cisco RCM for Cisco StarOS Software that could give attackers RCE on the application with root-level privileges.