Critical Chipset Bugs Open Millions of Android Devices to Remote Spying

Wed, 04 May 2022 19:36:00
0 minutes, 19 seconds

Three security vulnerabilities have been disclosed in the audio decoders of Qualcomm and MediaTek chips that, if left unresolved, could allow an adversary to remotely gain access to media and audio conversations from affected mobile devices. According to Israeli cybersecurity company Check Point, th...

New Lenovo UEFI Firmware Vulnerabilities Affect Millions of Laptops

Wed, 04 May 2022 19:34:00
0 minutes, 16 seconds

Three high-impact Unified Extensible Firmware Interface (UEFI) security vulnerabilities have been discovered impacting various Lenovo consumer laptop models, enabling malicious actors to deploy and execute firmware implants on the affected devices. Tracked as CVE-2021-3970, CVE-2021-3971, and CVE-20...

There are two critical RCE vulnerabilities in Java’s Spring Framework.

Wed, 06 Apr 2022 9:32:00
0 minutes, 23 seconds
  • A new critical Remote Code Execution (RCE) vulnerability (CVE-2022-22963) was discovered in Java’s Spring Cloud Functions. There are patches available for this vulnerability which should be applied to affected systems as soon as possible.
  • A 0-day vulnerability in Spring Core that could lead to u...

Log4shell - Five Eyes published a scanner for everyone

Sun, 26 Dec 2021 10:28:16
1 minute, 21 seconds

Log4shell

As you may have heard, since December 9 there is a severe vulnerability called Log4shell (and other Log4j-related vulnerabilities) that affects a wide range of Java applications. The "Apache Log4j2 2.0-beta9 through 2.12.1 and 2.13.0 through 2.15.0 JNDI" library.

Scanners

Five Eye

...