Apple and Google have released several software updates to protect against a hacking campaign targeting an unknown number of their users.
On Wednesday, Google released patches for a handful of security bugs in its Chrome browser, noting that one of the bugs was being actively exploited by hackers before the company had time to patch it. Unusually for Google, the company provided no further details at the time.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- DHS Orders Federal Agencies to Patch Critical Flaws Within 15 Days
May 1, 2019
In recent years, we have seen how hackers prey on those too lazy or ignorant to install security patches, which, if applied on time, would have prevented some devastating cyber attacks and data breaches that happened in major organisations. The United States Department of Homeland Security (DHS) has ordered government agencies to more swiftly plug the ...
- Cisco Patches High-Severity Flaws in IP Phones
March 21, 2019
The most serious vulnerabilities in Cisco’s 8800 Series IP Phones could allow unauthenticated, remote attackers to conduct a cross-site request forgery attack or write arbitrary files to the filesystem. Cisco Systems is urging customers to update several models of their IP phones after issuing patches for five high-severity flaws found in its popular business-focused IP phones. Impacted ...
- Cisco Fixes Critical Flaw in Wireless VPN, Firewall Routers
February 27, 2019
Cisco is urging customers to update their wireless VPN and firewall routers, after patching a critical vulnerability that could allow unauthenticated, remote attackers to execute arbitrary code. The vulnerability, CVE-2019-1663, has a CVSS score of 9.8 and impacts the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router. ...
- 19-Year Old WinRAR RCE Vulnerability Gets Micropatch Which Keeps ACE Support
February 22, 2019
A micropatch was released to fix a 19-year old arbitrary code execution vulnerability impacting 500 million users of the WinRAR compression tool and to keep ACE support after the app’s devs removed it when they patched the security issue. Nadav Grossman from Check Point Software Technologies was the one who originally found the ACE Path Traversal logical bug in the UNACEV2.DLL library written by ...
- Cisco’s warning: Patch this default Network Assurance Engine password bug
February 13, 2019
Cisco is urging customers to install an update that fixes a high-severity issue affecting its Network Assurance Engine (NAE) for managing data-center networks. The bug, tracked as CVE-2019-1688, could allow an attacker to use a flaw in the password-management system of NAE to knock out an NAE server and cause a denial of service. NAE is an ...
- Siemens Warns of Critical Remote-Code Execution ICS Flaw
February 12, 2019
Siemens has released 16 security advisories for various industrial control and utility products, including a warning for a critical flaw in the WibuKey digital rights management (DRM) solution that affects the SICAM 230 process control system. SICAM 230 is used for a broad range of industrial control system (ICS) applications, including use as an integrated energy system for ...