Apple just patched an unpatched flaw that it patched previously but accidentally unpatched recently — did I confuse you?Let's try it again...Apple today finally released iOS 12.4.1 to fix a critical jailbreak vulnerability, like it or not, that was initially patched by the company in iOS 12.3 but was then accidentally got reintroduced in the previous iOS 12.4 update.For those … [Read more...] about Apple Releases iOS 12.4.1 Emergency Update to Patch ‘Jailbreak’ Flaw
Flaw
iOS 12.4 jailbreak released after Apple ‘accidentally un-patches’ an old flaw
A fully functional jailbreak has been released for the latest iOS 12.4 on the Internet, making it the first public jailbreak in a long time—thanks to Apple.Dubbed "unc0ver 3.5.0," the jailbreak works with the updated iPhones, iPads and iPod Touches by leveraging a vulnerability that Apple previously patched in iOS 12.3 but accidentally reintroduced in the latest iOS version … [Read more...] about iOS 12.4 jailbreak released after Apple ‘accidentally un-patches’ an old flaw
Google Discloses 20-Year-Old Unpatched Flaw Affecting All Versions of Windows
Update — With this month's patch Tuesday updates, Microsoft has finally addressed this vulnerability, tracked as CVE-2019-1162, by correcting how the Windows operating system handles calls to Advanced Local Procedure Call (ALPC). A Google security researcher has just disclosed details of a 20-year-old unpatched high-severity vulnerability affecting all versions of Microsoft … [Read more...] about Google Discloses 20-Year-Old Unpatched Flaw Affecting All Versions of Windows
SWAPGS Attack — New Speculative Execution Flaw Affects All Modern Intel CPUs
A new variant of the Spectre (Variant 1) side-channel vulnerability has been discovered that affects all modern Intel CPUs, and probably some AMD processors as well, which leverage speculative execution for high performance, Microsoft and Red Hat warned.Identified as CVE-2019-1125, the vulnerability could allow unprivileged local attackers to access sensitive information stored … [Read more...] about SWAPGS Attack — New Speculative Execution Flaw Affects All Modern Intel CPUs
Zoom RCE Flaw Also Affects Its Rebranded Versions RingCentral and Zhumu
The same security vulnerabilities that were recently reported in Zoom for macOS also affect two other popular video conferencing software that under the hood, are just a rebranded version of Zoom video conferencing software.Security researchers confirmed The Hacker News that RingCentral, used by over 350,000 businesses, and Zhumu, a Chinese version of Zoom, also runs a hidden … [Read more...] about Zoom RCE Flaw Also Affects Its Rebranded Versions RingCentral and Zhumu
This Flaw Could Have Allowed Hackers to Hack Any Instagram Account Within 10 Minutes
Watch out! Facebook-owned photo-sharing service has recently patched a critical vulnerability that could have allowed hackers to compromise any Instagram account without requiring any interaction from the targeted users.Instagram is growing quickly—and with the most popular social media network in the world after Facebook, the photo-sharing network absolutely dominates when it … [Read more...] about This Flaw Could Have Allowed Hackers to Hack Any Instagram Account Within 10 Minutes
Zoom Video Conferencing for macOS Also Vulnerable to Critical RCE Flaw
The chaos and panic that the disclosure of privacy vulnerability in the highly popular and widely-used Zoom video conferencing software created earlier this week is not over yet.As suspected, it turns out that the core issue—a locally installed web server by the software—was not just allowing any website to turn on your device webcam, but also could allow hackers to take … [Read more...] about Zoom Video Conferencing for macOS Also Vulnerable to Critical RCE Flaw
Important Flaw in Outlook App for Android Affects Over 100 Millions Users
Update (22 July 2019) — More technical details and proof-of-concept for the OutLook for Android vulnerability has been released that we have covered in a separate article here.Microsoft today released an updated version of its "Outlook for Android" that patches an important security vulnerability in the popular email app that is currently being used over 100 million … [Read more...] about Important Flaw in Outlook App for Android Affects Over 100 Millions Users
PoC Released for Outlook Flaw that Microsoft Patched 6 Month After Discovery
As we reported two days ago, Microsoft this week released an updated version of its Outlook app for Android that patches a severe remote code execution vulnerability (CVE-2019-1105) that impacted over 100 million users.However, at that time, very few details of the flaw were available in the advisory, which just revealed that the earlier versions of the email app contained a … [Read more...] about PoC Released for Outlook Flaw that Microsoft Patched 6 Month After Discovery
Critical Flaw Reported in Popular Evernote Extension for Chrome Users
Cybersecurity researchers discover a critical flaw in the popular Evernote Chrome extension that could have allowed hackers to hijack your browser and steal sensitive information from any website you accessed.Evernote is a popular service that helps people taking notes and organize their to-do task lists, and over 4,610,000 users have been using its Evernote Web Clipper … [Read more...] about Critical Flaw Reported in Popular Evernote Extension for Chrome Users