Description: The Apache Software Foundation has released security updates to address a vulnerability in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33, and 7.0.23 to 7.0.90. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: http://mail-archives.us.apache.org/mod_mbox/www-announce/201810.mbox/%3c4cf697b0-db03-9eab-f2aa-54c2026d0e88@apache.org%3e
Description: VMware has released a security update to address a vulnerability in AirWatch Console. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://www.vmware.com/security/advisories/VMSA-2018-0024.html
Description: Apple has released security updates to address vulnerabilities in iCloud for Windows and iOS. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://support.apple.com/en-us/HT209141 https://support.apple.com/en-us/HT209162
Description: Cisco has released several updates to address vulnerabilities affecting multiple products. Impact: A remote attacker could exploit this vulnerability to take control of an affected system. Mitigation: Updates are available. Please see the references or vendor advisory for more information. Reference URL’s: https://tools.cisco.com/security/center/publicationListing.x?product=Cisco&sort=-day_sir#~Vulnerabilities
Description: Apple has released a security update to address multiple vulnerabilities in macOS Mojave 10.14. The updates below are available for these Mac models: MacBook (Early 2015 and later), MacBook Air (Mid 2012 and later), MacBook Pro (Mid 2012 and later), Mac mini (Late 2012 and later), iMac (Late 2012 and later), iMac Pro (all models), Mac Pro (Late 2013, Mid 2010, and Mid 2012 models...
Read More
Security expert discovered a critical vulnerability in iOS 12 which could allow attackers to access photos and contacts on a locked iPhone. Jose Rodriguez, a tech expert, discovered a passcode bypass vulnerability on the iOS 12 and latest iOS 12.1 beta operating systems. According to Rodriquez, the hack works on the latest iPhone XS and some of the other models also. The flaw allows attackers...
Read More
Researchers have discovered a critical vulnerability that allegedly affects multiple Linux distros. The vulnerability named Mutagen Astronomy allows an attacker to gain complete control of a targeted system through root access. This Linux vulnerabilityadversely impacts all current versions of Red Hat, Debian, and CentOS distributions. Mutagen Astronomy – Vulnerability Giving Root Access To Hackers Researchers at Qualys have discovered a critical security vulnerability that adversely affects...
Read More
Chinese cybersecurity researchers have uncovered a widespread, ongoing malware campaign that has already hijacked over 100,000 home routers and modified their DNS settings to hack users with malicious web pages—especially if they visit banking sites—and steal their login credentials. Dubbed GhostDNS, the campaign has many similarities with the infamous DNSChanger malware that works by changing DNS server settings on an infected device, allowing attackers to route the users’...
Read More
When you log into your facebook using your id and password- you get an access token in return. These tokens are the equivalent of digital keys that keep people logged in to Facebook, so they don’t need to re-enter their password every time they use the app. This access token is used to prove your identity throughout all your activities in facebook- the likes/comments that...
Read More
A new form of misinformation is poised to spread through online communities as the 2018 midterm election campaigns heat up. Called “deepfakes” after the pseudonymous online account that popularized the technique – which may have chosen its name because the process uses a technical method called “deep learning” – these fake videos look very realistic. So far, people have used deepfake videos in pornography and...
Read More