New Actively Exploited Zero-Day Vulnerability Discovered in Apple Products

The Hacker News Daily Updates
Newsletter
cover

Using the OWASP MASVS Security Standards

Developers looking to lessen the impact of mobile application attacks need to build a strong mobile application security strategy

Download Now Sponsored
LATEST NEWS Dec 14, 2022

New GoTrim Botnet Attempting to Break into WordPress Sites' Admin Accounts

A new Go-based botnet has been spotted scanning and brute-forcing self-hosted websites using the WordPress content management system (CMS) to seize control of the targeted systems. "This new brute forcer is part of a new campaign we have named GoTrim because it was written in Go and uses ':::trim:::' to split data communicated to and from the C2 server," Fortinet FortiGuard Labs ...

Read More
Twitter Facebook LinkedIn

Ransomware Attackers Use Microsoft-Signed Drivers to Gain Access to Systems

Microsoft on Tuesday disclosed it took steps to suspend accounts that were used to publish malicious drivers that were certified by its Windows Hardware Developer Program were used to sign malware. The tech giant said its investigation revealed the activity was restricted to a number of developer program accounts and that no further compromise was detected. Cryptographically signing malware ...

Read More
Twitter Facebook LinkedIn

Why PCI DSS 4.0 Should Be on Your Radar in 2023

Protecting customer data is critical for any business accepting online payment information. The Payment Card Industry Data Security Standard (PCI DSS), created by leading credit card companies, establishes best practices for protecting consumers' information. By adhering to these standards, businesses can ensure that their customer's personal and financial information is secure.  The PCI ...

Read More
Twitter Facebook LinkedIn

December 2022 Patch Tuesday: Get Latest Security Updates from Microsoft and More

Tech giant Microsoft released its last set of monthly security updates for 2022 with fixes for 49 vulnerabilities across its software products. Of the 49 bugs, six are rated Critical, 40 are rated Important, and three are rated Moderate in severity. The updates are in addition to 24 vulnerabilities that have been addressed in the Chromium-based Edge browser since the start of the ...

Read More
Twitter Facebook LinkedIn

Hackers Actively Exploiting Citrix ADC and Gateway Zero-Day Vulnerability

The U.S. National Security Agency (NSA) on Tuesday said a threat actor tracked as APT5 has been actively exploiting a zero-day flaw in Citrix Application Delivery Controller (ADC) and Gateway to take over affected systems. The critical remote code execution vulnerability, identified as CVE-2022-27518, could allow an unauthenticated attacker to execute commands remotely on vulnerable devices ...

Read More
Twitter Facebook LinkedIn

New Actively Exploited Zero-Day Vulnerability Discovered in Apple Products

Apple on Tuesday rolled out security updates to iOS, iPadOS, macOS, tvOS, and Safari web browser to address a new zero-day vulnerability that could result in the execution of malicious code. Tracked as CVE-2022-42856, the issue has been described by the tech giant as a type confusion issue in the WebKit browser engine that could be triggered when processing specially crafted content, leading ...

Read More
Twitter Facebook LinkedIn

Google Launches OSV-Scanner Tool to Identify Open Source Vulnerabilities

Google on Tuesday announced the open source availability of OSV-Scanner, a scanner that aims to offer easy access to vulnerability information about various projects. The Go-based tool, powered by the Open Source Vulnerabilities (OSV) database, is designed to connect "a project's list of dependencies with the vulnerabilities that affect them," Google software engineer Rex Pan in a post ...

Read More
Twitter Facebook LinkedIn

Serious Attacks Could Have Been Staged Through This Amazon ECR Public Gallery Vulnerability

A critical security flaw has been disclosed in Amazon Elastic Container Registry (ECR) Public Gallery that could have been potentially exploited to stage a multitude of attacks, according to cloud security firm Lightspin. "By exploiting this vulnerability, a malicious actor could delete all images in the Amazon ECR Public Gallery or update the image contents to inject malicious code," ...

Read More
Twitter Facebook LinkedIn
cover

Using the OWASP MASVS Security Standards

Developers looking to lessen the impact of mobile application attacks need to build a strong mobile application security strategy

Download Now Sponsored

This email was sent to you. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please click here.

Contact The Hacker News: info@thehackernews.com
Unsubscribe

The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India

Key phrases

Older messages

Mastering Cyber Intelligence ($19.99 Value) FREE for a Limited Time

Friday, December 16, 2022

The Hacker News eBook Update Newsletter Mastering Cyber Intelligence ($19.99 Value) FREE for a Limited Time Download For Free Cyber Threat Intelligence converts threat information into evidence-based

New Actively Exploited Zero-Day Vulnerability Discovered in Apple Products

Friday, December 16, 2022

The Hacker News Daily Updates Newsletter cover Developer-First Security Tools Buyers Guide Cloud computing environments are increasingly de!ned and controlled by infrastructure-as-code (ie Terraform),

Fortinet Warns of Active Exploitation of New SSL-VPN Pre-auth RCE Vulnerability

Tuesday, December 13, 2022

The Hacker News Daily Updates Newsletter cover The 5 Dimensions of Data Maturity Webinar Download Now Sponsored LATEST NEWS Dec 13, 2022 Serious Attacks Could Have Been Staged Through This Amazon ECR

Royal Ransomware Threat Takes Aim at U.S. Healthcare System

Monday, December 12, 2022

The Hacker News Daily Updates Newsletter cover The 5 Dimensions of Data Maturity Webinar Download Now Sponsored LATEST NEWS Dec 12, 2022 Top 4 SaaS Security Threats for 2023 With 2022 coming to a close

Researchers Detail New Attack Method to Bypass Popular Web Application Firewalls

Saturday, December 10, 2022

The Hacker News Daily Updates Newsletter cover The 5 Dimensions of Data Maturity Webinar Download Now Sponsored LATEST NEWS Dec 10, 2022 Hack-for-Hire Group Targets Travel and Financial Entities with

You Might Also Like

New Linux Bug Could Lead to User Password Leaks and Clipboard Hijacking

Friday, March 29, 2024

THN Daily Updates Newsletter cover Refactoring in Java ($36.99 Value) FREE for a Limited Time Refactoring in Java serves as an indispensable guide to enhancing your codebase's quality and

Post from Syncfusion Blogs on 03/29/2024

Friday, March 29, 2024

New blogs from Syncfusion Introducing the New .NET MAUI Chat Control By Piruthiviraj Malaimelraj This blog explains the features of the new Syncfusion .NET MAUI Chat control added in the 2024 Volume 1

Re: Last Chance

Friday, March 29, 2024

Dear there, By this time tomorrow, your exclusive new subscriber discount will be gone and you'll have to pay twice as much to join Insider and master everything your iPhone has to offer. If, like

Hacker Newsletter #694

Friday, March 29, 2024

Always forgive your enemies - nothing annoys them so much. //Oscar Wilde hackernewsletter Issue #694 // 2024-03-29 // View in your browser Happy Easter if you celebrate it! Heads up - we're taking

Apple RCS 📱, SBF's 25 year sentence 👮, Linux Foundation's Redis fork 👨‍💻

Friday, March 29, 2024

RCS is coming to the iPhone in the fall of 2024 Sign Up|Advertise|View Online TLDR Together With Veracode TLDR 2024-03-29 Build fast, build secure (Sponsor) Software is drowning in security debt.

Data Science Weekly - Issue 540

Friday, March 29, 2024

Curated news, articles and jobs related to Data Science, AI, & Machine Learning ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏

This Week in Rust #540

Friday, March 29, 2024

Email isn't displaying correctly? Read this e-mail on the Web This Week in Rust issue 540 — 27 MAR 2024 Hello and welcome to another issue of This Week in Rust! Rust is a programming language

The Value Of A Promise 🤞

Friday, March 29, 2024

How much is a promise from a tech company really worth, anyway? Here's a version for your browser. Hunting for the end of the long tail • March 28, 2024 The Value Of A Promise When you hear a

New Elastic Security for SIEM Training Course

Friday, March 29, 2024

Detect and respond to evolving threats ㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤ ㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤ ㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤ elastic | Search. Observe. Protect Detect anomalies and malicious behavior March

SBF gets 25 years 

Thursday, March 28, 2024

Sam Bankman-Fried is sentenced View this email online in your browser By Christine Hall Thursday, March 28, 2024 Welcome back to TechCrunch PM! The editorial team spent a chunk of the day discussing