The bug is under attack. Within hours of the patch release, a researcher published POC code, calling it a “great” flaw that can be used for jailbreaks and local privilege escalation.
Source: Read More (Threatpost)
You might be interested in …
[ThreatPost] Kerberos Authentication Spoofing: Don’t Bypass the Spec
Yaron Kassner, CTO at Silverfort, discusses authentication-bypass bugs in Cisco ASA, F5 Big-IP, IBM QRadar and Palo Alto Networks PAN-OS. Source: Read More (Threatpost)
[SecurityWeek] Medical, IoT Devices From Many Manufacturers Affected by ‘Access:7’ Vulnerabilities
Many IoT and medical devices are affected by seven potentially serious vulnerabilities discovered in widely used remote management software, according to enterprise security company Forescout. read more Source: Read More (SecurityWeek RSS Feed)
[SecurityWeek] Valence Emerges From Stealth to Address Business App Connectivity Risks
Another Israel-based cybersecurity startup has emerged from stealth mode. The company, Valence, claims to have developed a platform that leverages zero trust principles to help organizations manage risks associated with the connectivity between various business applications. read more Source: Read More (SecurityWeek RSS Feed)