Apple fixed a bug in Magic Keyboard that allows monitoring of Bluetooth traffic. Pierluigi Paganini, January 15, 2024. Apple addressed a recently disclosed Bluetooth keyboard injection vulnerability with the release of Magic Keyboard firmware. Apple released Magic Keyboard Firmware Update 2.0.6 to address a recently disclosed Bluetooth keyboard injection issue tracked as CVE-2024-0230. The flaw […]
German technology manufacturer Bosch fixed a vulnerability affecting a popular line of smart thermostats in October, the company disclosed this week. Researchers from Bitdefender discovered an issue with Bosch BCC100 thermostats last August which lets an attacker on the same network replace the device firmware with a rogue version. Bogdan Botezatu, director of threat research […]
Apache fixed Critical RCE flaw CVE-2023-50164 in Struts 2. Pierluigi Paganini, December 11, 2023. The Apache Software Foundation addressed a critical remote code execution vulnerability in the Apache Struts 2 open-source framework. The Apache Software Foundation released security updates to address a critical file upload vulnerability in the Struts 2 open-source framework. Successful exploitation of […]
Arcserve has fixed critical security vulnerabilities (CVE-2023-41998, CVE-2023-41999, CVE-2023-42000) in its Unified Data Protection (UDP) solution, PoCs for which have been published by Tenable researchers on Monday. The vulnerabilities: Arcserve UDP is a popular enterprise data protection, backup and disaster recovery solution that improves organizations’ resilience to ransomware attacks. CVE-2023-41998 is a vulnerability in the […]
ServiceNow has fixed a flaw that allowed unauthenticated attackers to steal sensitive data. The flaw was highlighted by security researcher Aaron Costello, who found that the default configurations of ServiceNow’s widgets exposed personal data.
Popular typing assistant Grammarly said it has fixed vulnerabilities affecting user logins after being notified by a security company of the issues. The bugs affected social sign-in — when someone accesses a web service through their existing credentials for a platform like Facebook or Google — and were caused by issues with implementations of Open […]
Time to turn the ‘Televisão’ on The fine Fixed Rhythms label is proud to welcome back Brazilian producer Marcela Dias Sindaco for her debut album, following the release of her ‘Rio de Janeiro 3025 EP’ – thankfully released in 2022 rather than the year 3025 that it depicts. They have every right to be, too. […]
Executive Summary: On October 4, a high-severity security vulnerability was reported and fixed in curl. The vulnerability, CVE-2023-38545, was associated with a severe heap overflow during the SOCKS5 proxy handshake process, impacting both libcurl and the curl tool. This article provides a detailed analysis of the issue, its cause, its potential risks, and […]