Microsoft patches BitLocker workaround for Windows 10 systems
Microsoft has patched a BitLocker workaround using a PowerShell script. This vulnerability allowed hackers to gain access to encrypted data in Windows 10 systems via a bypass of the BitLocker encryption functionality.
In the recent Patch Tuesday update for Windows 10 systems, Microsoft included ... Read more
Ivanti fixes 14 critical vulnerabilities in Avalanche MDM solution
Ivanti recently patched as many as fourteen critical security vulnerabilities in its enterprise MDM solution Avalanche. These vulnerabilities allowed hackers to easily execute code remotely without the need for end-user interaction.
Ivanti discovered as many as 20 security vulnerabilities in its... Read more
Microsoft urges upgrade to 2023 version Perforce Helix Core Server
Security specialists at Microsoft have discovered four critical vulnerabilities in the Perforce Helix Core Server source code management platform during a routine audit. The vulnerabilities let hackers run code remotely or cause Denial of Service (DoS) problems.
Microsoft security researchers di... Read more
Bluetooth vulnerability affects Android, Apple and Linux devices
A recently discovered vulnerability in Bluetooth, CVE-2023-45866, opens the door to a hostile takeover of Android, Apple and Linux devices. Security researcher Marc Newlin made the discovery.
In a posting on GitHub, Newlin recently disclosed the Bluetooth vulnerability CVE-2023-45866. By exploit... Read more
Google fixes Android bug that hackers can abuse without privileges
In its recent security update for Android, Google patched a critical vulnerability that enables so-called zero-click remote code execution (RCE). In addition, 84 other vulnerabilities were addressed.
According to the tech giant, critical vulnerability CVE-2023-40088 was the most important vulner... Read more
Apple releases iOS updates for two exploited zero-day vulnerabilities
Apple recently released fixes for two zero-day vulnerabilities that may already be exploited by hackers. The vulnerabilities apply to virtually all Apple devices.
The two zero-day vulnerabilities, CVE-2023-42916 and CVE-2023-42917, were found in the WebKit browser, according to the tech giant. T... Read more
Cactus ransomware spread through BI platform Qlik Sense
The Cactus ransomware is actively spread via the cloud analytics and BI platform Qlik Sense. Arctic Wolf Labs' security specialists recently discovered this.
According to Arctic Wolf, this is the first time that vulnerabilities in Qlik Sense have been exploited to gain access to systems to sprea... Read more
Windows Hello vulnerabilities affect multiple laptop models
The biometric Windows Hello implementations of several laptop manufacturers contain vulnerabilities. Researchers at Blackwing Intelligence researched the laptops from Microsoft, Lenovo and Dell, among others.
Windows Hello is an authentication tool that allows users to log into their devices usi... Read more
Veeam ONE for IT monitoring contains critical vulnerabilities
Three patches should address four vulnerabilities in Veaam ONE. Two of the vulnerabilities Veeam itself marks as critical.
Two vulnerabilities in Veeam ONE receive about the maximum CVSS score from Veeam. Abuse of one vulnerability enables hackers to perform remote code execution and the other ... Read more
CVSS 4.0 vulnerability scoring system incorporates OT, ICS and IoT
The global vulnerability scoring system is getting a new version after eight years. CVSS 4.0 includes a focus on the cybersecurity of OT, ICS and IoT.
CVSS 4.0 has been officially released by the Forum of Incident Response and Security Teams (FIRST). The scoring system is mostly known under the... Read more