Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability – Go Health Pro

Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability – Go Health Pro

Oct 05, 2024Ravie LakshmananData Privacy / Mobile Security Apple has released iOS and iPadOS updates to address two security issues, one of which could have allowed a user’s passwords to be read out aloud by its VoiceOver assistive technology. The vulnerability, tracked as CVE-2024-44204, has been described as a logic problem in the new Passwords … Read more

Weird Zimbra Vulnerability – Schneier on Security – Go Health Pro

Weird Zimbra Vulnerability Hackers can execute commands on a remote computer by sending malformed emails to a Zimbra mail server. It’s critical, but difficult to exploit. In an email sent Wednesday afternoon, Proofpoint researcher Greg Lesnewich seemed to largely concur that the attacks weren’t likely to lead to mass infections that could install ransomware or … Read more

Apple Imaginative and prescient Professional Vulnerability Uncovered Digital Keyboard Inputs to Attackers – Go Well being Professional

Apple Imaginative and prescient Professional Vulnerability Uncovered Digital Keyboard Inputs to Attackers – Go Well being Professional

Sep 13, 2024Ravie LakshmananDigital Actuality / Vulnerability Particulars have emerged a few now-patched safety flaw impacting Apple’s Imaginative and prescient Professional blended actuality headset that, if efficiently exploited, may permit malicious attackers to deduce knowledge entered on the machine’s digital keyboard. The assault, dubbed GAZEploit, has been assigned the CVE identifier CVE-2024-40865. “A novel assault … Read more

Ivanti Warns of Energetic Exploitation of Newly Patched Cloud Equipment Vulnerability – Go Well being Professional

Ivanti Warns of Energetic Exploitation of Newly Patched Cloud Equipment Vulnerability – Go Well being Professional

Sep 14, 2024Ravie LakshmananEnterprise Safety / Risk Intelligence Ivanti has revealed {that a} newly patched safety flaw in its Cloud Service Equipment (CSA) has come underneath lively exploitation within the wild. The high-severity vulnerability in query is CVE-2024-8190 (CVSS rating: 7.2), which permits distant code execution underneath sure circumstances. “An OS command injection vulnerability in … Read more

Apache patches OFBiz bypass vulnerability – Go Well being Professional

Apache patches OFBiz bypass vulnerability – Go Well being Professional

Apache patched a bypass vulnerability in its extensively used Apache OFBiz open-source enterprise useful resource and planning software program that would have led to an unauthenticated distant code execution on the Linux and Home windows platforms. In a Sept. 5 weblog submit, researchers at Rapid7 defined that even an attacker missing legitimate credentials may exploit … Read more