While Apple did issue a patch for the vulnerability, it seems that the fix can be easily circumvented
The post Bug in macOS Finder allows remote code execution appeared first on WeLiveSecurity
Source: Read More (WeLiveSecurity)
You might be interested in …
[BleepingComputer] Windows 10 targeted by PuzzleMaker hackers using Chrome zero-days
Kaspersky security researchers discovered a new threat actor dubbed PuzzleMaker, who has used a chain of Google Chrome and Windows 10 zero-day exploits in highly-targeted attacks against multiple companies worldwide. […] Source: Read More (BleepingComputer)
[HackerNews] Researchers Bypass SMS-based Multi-Factor Authentication Protecting Box Accounts
Cybersecurity researchers have disclosed details of a now-patched bug in Box’s multi-factor authentication (MFA) mechanism that could be abused to completely sidestep SMS-based login verification. “Using this technique, an attacker could use stolen credentials to compromise an organization’s Box account and exfiltrate sensitive data without access to the victim’s phone,” Varonis researchers said Source: Read More […]
[HackerNews] Critical Security Flaws Reported in Moxa MXview Network Management Software
Technical details have been disclosed regarding a number of security vulnerabilities affecting Moxa’s MXview web-based network management system, some of which could be chained by an unauthenticated adversary to achieve remote code execution on unpatched servers. The five security weaknesses “could allow a remote, unauthenticated attacker to execute code on the hosting machine with the […]