Experimental News Clipping Site

Tag: patches

  • Hacker News: Hackers exploit 16 zero-days on first day of Pwn2Own Automotive 2025

    by

    Kurt Seifried
    in

    Source URL: https://www.bleepingcomputer.com/news/security/hackers-exploit-16-zero-days-on-first-day-of-pwn2own-automotive-2025/ Source: Hacker News Title: Hackers exploit 16 zero-days on first day of Pwn2Own Automotive 2025 Feedly Summary: Comments AI Summary and Description: Yes Summary: The text provides a detailed report on the outcomes of the Pwn2Own Automotive 2025 hacking competition, highlighting the successful exploitation of zero-day vulnerabilities relating to electric vehicle chargers…

  • The Register: Oracle emits 603 patches, names one it wants you to worry about soon

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/01/23/oracle_patch_linux/ Source: The Register Title: Oracle emits 603 patches, names one it wants you to worry about soon Feedly Summary: Old flaws that keep causing trouble haunt Big Red Oracle has delivered its regular quarterly collection of patches: 603 in total, 318 for its own products, and another 285 for Linux code it…

  • The Register: Patch procrastination leaves 50,000 Fortinet firewalls vulnerable to zero-day

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/01/21/fortinet_firewalls_still_vulnerable/ Source: The Register Title: Patch procrastination leaves 50,000 Fortinet firewalls vulnerable to zero-day Feedly Summary: Seven days after disclosure and little action taken, data shows Fortinet customers need to get with the program and apply the latest updates as nearly 50,000 management interfaces are still vulnerable to the latest zero-day exploit.… AI…

  • Hacker News: Reverse Engineering Call of Duty Anti-Cheat

    by

    Kurt Seifried
    in

    Source URL: https://ssno.cc/posts/reversing-tac-1-4-2025/ Source: Hacker News Title: Reverse Engineering Call of Duty Anti-Cheat Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text presents an in-depth analysis of the user-mode anti-cheat mechanism employed in the video game “Call of Duty: Black Ops Cold War,” referred to as TAC (Treyarch Anti-Cheat). It details the obfuscation…

  • The Register: Fortinet: FortiGate config leaks are genuine but misleading

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/01/17/fortinet_fortigate_config_leaks/ Source: The Register Title: Fortinet: FortiGate config leaks are genuine but misleading Feedly Summary: Competition hots up with Ivanti over who can have the worst start to a year Fortinet has confirmed that previous analyses of records leaked by the Belsen Group are indeed genuine FortiGate configs stolen during a zero-day raid…

  • Unit 42: Threat Brief: CVE-2025-0282 and CVE-2025-0283

    by

    Kurt Seifried
    in

    Source URL: https://unit42.paloaltonetworks.com/threat-brief-ivanti-cve-2025-0282-cve-2025-0283/ Source: Unit 42 Title: Threat Brief: CVE-2025-0282 and CVE-2025-0283 Feedly Summary: CVE-2025-0282 and CVE-2025-0283 affect multiple Ivanti products. This threat brief covers attack scope, including details from an incident response case. The post Threat Brief: CVE-2025-0282 and CVE-2025-0283 appeared first on Unit 42. AI Summary and Description: Yes **Summary:** The text details…

  • Slashdot: Microsoft Patches Windows To Eliminate Secure Boot Bypass Threat

    by

    Kurt Seifried
    in

    Source URL: https://it.slashdot.org/story/25/01/16/1755240/microsoft-patches-windows-to-eliminate-secure-boot-bypass-threat?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Microsoft Patches Windows To Eliminate Secure Boot Bypass Threat Feedly Summary: AI Summary and Description: Yes Summary: Microsoft has addressed a significant Windows vulnerability (CVE-2024-7344) that permitted attackers to bypass Secure Boot, which serves as a crucial safeguard against firmware infections. This vulnerability was present for over seven months…

  • Hacker News: Researchers have identified a total of 6 vulnerabilities in rsync

    by

    Kurt Seifried
    in

    Source URL: https://www.openwall.com/lists/oss-security/2025/01/14/3 Source: Hacker News Title: Researchers have identified a total of 6 vulnerabilities in rsync Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses multiple vulnerabilities identified in the rsync software, including a critical heap buffer overflow that allows arbitrary code execution with minimal access rights. This communication is especially…

  • Cisco Talos Blog: Slew of WavLink vulnerabilities

    by

    Kurt Seifried
    in

    Source URL: https://blog.talosintelligence.com/slew-of-wavlink-vulnerabilities/ Source: Cisco Talos Blog Title: Slew of WavLink vulnerabilities Feedly Summary: Lilith >_> of Cisco Talos discovered these vulnerabilities. Forty-four vulnerabilities and sixty-three CVEs were discovered across ten .cgi and three .sh files, as well as the static login page, of the Wavlink AC3000 wireless router web application.  The Wavlink AC3000 wireless router is…