Security Bulletin

Included in the compromised information were customers' names, email addresses, and phone numbers, which have been verified to be legitimate by BleepingComputer amid a lack of comment from Life360.

Such a vulnerability, tracked as CVE-2024-20419, could be exploited to facilitate web UI or API access and eventually allow the unauthenticated creation of new user passwords, according to Cisco.

Threat actors leveraged an Apple macOS disk image file spoofing the MiroTalk video call service to facilitate the distribution of BeaverTail.

Exploitation of the security issue could potentially enable sandbox restriction evasion and eventual server takeovers.

CyberScoop reports Interpol's crackdown on West African cyber fraud and organized crime as part of Operation Jackal III aimed at combating mounting financial fraud across the region has led to 300 arrests across five continents.

Attackers leveraged an updated version of the Demodex kernel-level rootkit with more advanced tools and obfuscation techniques to compromise an unnamed organization's network.

Cisco Networking Academy launches Discovering Entrepreneurship to help ignite the entrepreneurial spirit across Latin America. ¡Despierta el espírtu emprendedor en ti!

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Subnet Solutions Inc. Equipment: Subnet PowerSYSTEM Center Vulnerability: Prototype Pollution 2. RISK EVALUATION Successful exploitation of this...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Philips Equipment: Vue PACS Vulnerabilities: Out-of-bounds Write, Deserialization of Untrusted Data, Uncontrolled Resource Consumption, Improper...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.2 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Corporation Equipment: MELSOFT MaiLab Vulnerability: Improper Verification of Cryptographic Signature 2. RISK EVALUATION Successful exploitation of...

CISA released three Industrial Control Systems (ICS) advisories on July 18, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-200-01 Mitsubishi Electric MELSOFT...

Ivanti released security updates to address vulnerabilities in Ivanti Endpoint Manager (EPM) and Ivanti Endpoint Manager for Mobile (EPMM). A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA...