Search cyberveille.decio.ch

Found 9 bookmarks

Custom sorting

Sophos has patched EOL Firewall versions against a critical flaw exploited in the wild, after identifying a new exploit.

UK-based cybersecurity firm Sophos this week announced patches for an exploited vulnerability in Firewall versions that have reached End-of-Life (EOL). The critical-severity flaw, tracked as CVE-2022-3236, was found to impact versions 19.0 MR1 (19.0.1) and older of the product. It was originally patched in September 2022, but only in supported versions of Sophos Firewall. Sophos describes the security defect as a code injection issue in the Firewall’s User Portal and Webadmin components, allowing attackers to achieve remote code execution (RCE).

#securityweek #EN #2023 #Sophos #CVE-2022-3236 #critical-severity #EOL #Firewall #patch

·securityweek.com·Dec 18, 2023

Sophos has patched EOL Firewall versions against a critical flaw exploited in the wild, after identifying a new exploit.

Apple Releases Security Updates to Patch Critical iOS and macOS Security Flaws

Apple has released patches for iOS, iPadOS, macOS, tvOS, watchOS, and Safari to address multiple vulnerabilities.

#thehackernews #EN #2023 #Apple #Security #Updates #November2023 #iOS #macOS #tvOS #watchOS #patch #CVE-2023-45866

·thehackernews.com·Dec 12, 2023

Apple Releases Security Updates to Patch Critical iOS and macOS Security Flaws

Microsoft Patch Tuesday November 2023

Today, Microsoft released patches for 64 different vulnerabilities in Microsoft products, 14 vulnerabilities in Chromium affecting Microsoft Edge, and five vulnerabilities affecting Microsoft's Linux distribution, Mariner. Three of these vulnerabilities are already being exploited, and three have been made public before the release of the patches.

#isc.sans.edu #EN #2023 #Microsoft #Patch #patch-tuesday #November2023

·isc.sans.edu·Nov 14, 2023

Microsoft Patch Tuesday November 2023

Apple neglects to patch multiple critical vulnerabilities in macOS

Apple is neglecting to patch high-severity vulnerabilities in open-source components of macOS Sonoma, including curl and LibreSSL.

#intego #EN #2023 #Apple #patch #high-severity #macOS #Sonoma #curl #open-source

·intego.com·Nov 11, 2023

Apple neglects to patch multiple critical vulnerabilities in macOS

Mozilla patches Firefox, Thunderbird against zero-day exploited in attacks

Mozilla released emergency security updates today to fix a critical zero-day vulnerability exploited in the wild, impacting its Firefox web browser and Thunderbird email client.

#bleepingcomputer #EN #2023 #CVE-2023-4863 #WebP #Firefox #patch

·bleepingcomputer.com·Sep 14, 2023

Mozilla patches Firefox, Thunderbird against zero-day exploited in attacks

ASUS urges customers to patch critical router vulnerabilities

ASUS has released new firmware with cumulative security updates that address vulnerabilities in multiple router models, warning customers to immediately update their devices or restrict WAN access until they're secured.

#bleepingcomputer #EN #2023 #ASUS #Patch #Router #Security-Update #CVE-2022-26376 #CVE-2018-1160

·bleepingcomputer.com·Jun 19, 2023

ASUS urges customers to patch critical router vulnerabilities

Analysis of CVE-2023-27997 and Clarifications on Volt Typhoon Campaign

Affected Platforms: FortiOS Impacted Users: Targeted at government, manufacturing, and critical infrastructure Impact: Data loss and OS and file corruption Severity Level: Critical Today, Fortinet published a CVSS Critical PSIRT Advisory (FG-IR-23-097 / CVE-2023-27997) along with several other SSL-VPN related fixes. This blog adds context to that advisory, providing our customers with additional details to help them make informed, risk-based decisions, and provides our perspective relative to recent events involving malicious actor activity.

#fortinet #EN #2023 #patch #CVE-2023-27997 #analysis #VoltTyphoon #Clarifications

·fortinet.com·Jun 13, 2023

Analysis of CVE-2023-27997 and Clarifications on Volt Typhoon Campaign

Cisco warns of critical flaw in ClamAV antivirus

Switchzilla hardware and software need attention, unless you fancy arbitrary remote code execution

#theregister #EN #2023 #cisco #ClamAV #critical #antivirus #RCE #patch

·theregister.com·Feb 17, 2023

Cisco warns of critical flaw in ClamAV antivirus

Switchzilla hardware and software need attention, unless you fancy arbitrary remote code execution

#theregister #EN #2023 #cisco #ClamAV #critical #antivirus #RCE #patch

·theregister.com·Feb 17, 2023

Cisco warns of critical flaw in ClamAV antivirus