A proof-of-concept (PoC) code demonstrating a newly disclosed digital signature bypass vulnerability in Java has been shared online. The high-severity flaw in question, CVE-2022-21449 (CVSS score: 7.5), impacts the following version of Java SE and Oracle GraalVM Enterprise Edition - Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18 Oracle GraalVM Enterprise Edition: 20.3.5, … [Read more...] about Researcher Releases PoC for Recent Java Cryptographic Vulnerability
Releases
Security Patch Releases for Critical Zero-Day Bug in Java Spring Framework
The maintainers of Spring Framework have released an emergency patch to address a newly disclosed remote code execution flaw that, if successfully exploited, could allow an unauthenticated attacker to take control of a targeted system. Tracked as CVE-2022-22965, the high-severity flaw impacts Spring Framework versions 5.3.0 to 5.3.17, 5.2.0 to 5.2.19, and other older, … [Read more...] about Security Patch Releases for Critical Zero-Day Bug in Java Spring Framework
CrowdStrike Services Releases Free Incident Response Tracker
The CrowdStrike Incident Response Tracker is a convenient spreadsheet that includes sections to document indicators of compromise, affected accounts, compromised systems and a timeline of significant events CrowdStrike incident response teams have leveraged this type of tracker in thousands of investigations Download the CrowdStrike Incident Response Tracker Template During a … [Read more...] about CrowdStrike Services Releases Free Incident Response Tracker
Product Releases Should Not Be Scary
Every Product Manager and Software Developer should know that pushing feature updates to production via traditional channels is as archaic as painting on cave walls. The smart are always quick to adapt to new, innovative technologies, and this mindset is exactly what makes normal companies great. The landscape is changing fast, especially in IT. Change isn't just necessary, but … [Read more...] about Product Releases Should Not Be Scary
Apple Releases Urgent iPhone and iPad Updates to Patch New Zero-Day Vulnerability
Apple on Monday released a security update for iOS and iPad to address a critical vulnerability that it says is being exploited in the wild, making it the 17th zero-day flaw the company has addressed in its products since the start of the year.' The weakness, assigned the identifier CVE-2021-30883, concerns a memory corruption issue in the "IOMobileFrameBuffer" component that … [Read more...] about Apple Releases Urgent iPhone and iPad Updates to Patch New Zero-Day Vulnerability
Microsoft Releases Patches For Critical Windows TCP/IP and Other Bugs
Microsoft on Tuesday issued fixes for 87 newly discovered security vulnerabilities as part of its October 2020 Patch Tuesday, including two critical remote code execution (RCE) flaws in Windows TCP/IP stack and Microsoft Outlook. The flaws, 11 of which are categorized as Critical, 75 are ranked Important, and one is classified Moderate in severity, affect Windows, Office and … [Read more...] about Microsoft Releases Patches For Critical Windows TCP/IP and Other Bugs
Microsoft Releases Urgent Windows Update to Patch Two Critical Flaws
Microsoft yesterday quietly released out-of-band software updates to patch two high-risk security vulnerabilities affecting hundreds of millions of Windows 10 and Server editions' users.To be noted, Microsoft rushed to deliver patches almost two weeks before the upcoming monthly 'Patch Tuesday Updates' scheduled for 14th July.That's likely because both flaws reside in the … [Read more...] about Microsoft Releases Urgent Windows Update to Patch Two Critical Flaws
Microsoft Releases June 2020 Security Patches For 129 Vulnerabilities
Microsoft today released its June 2020 batch of software security updates that patches a total of 129 newly discovered vulnerabilities affecting various versions of Windows operating systems and related products.This is the third Patch Tuesday update since the beginning of the global Covid-19 outbreak, putting some extra pressure on security teams struggling to keep up with … [Read more...] about Microsoft Releases June 2020 Security Patches For 129 Vulnerabilities
Hacker Releases ‘Unpatchable’ Jailbreak For All iOS Devices, iPhone 4s to iPhone X
An iOS hacker and cybersecurity researcher today publicly released what he claimed to be a "permanent unpatchable bootrom exploit," in other words, an epic jailbreak that works on all iOS devices ranging from iPhone 4s (A5 chip) to iPhone 8 and iPhone X (A11 chip).Dubbed Checkm8, the exploit leverages unpatchable security weaknesses in Apple's Bootrom (SecureROM), the first … [Read more...] about Hacker Releases ‘Unpatchable’ Jailbreak For All iOS Devices, iPhone 4s to iPhone X
Apple Releases iOS 12.4.1 Emergency Update to Patch ‘Jailbreak’ Flaw
Apple just patched an unpatched flaw that it patched previously but accidentally unpatched recently — did I confuse you?Let's try it again...Apple today finally released iOS 12.4.1 to fix a critical jailbreak vulnerability, like it or not, that was initially patched by the company in iOS 12.3 but was then accidentally got reintroduced in the previous iOS 12.4 update.For those … [Read more...] about Apple Releases iOS 12.4.1 Emergency Update to Patch ‘Jailbreak’ Flaw