Atlassian Releases Critical Software Fixes to Prevent Remote Code Execution Dec 06, 2023NewsroomSoftware Security / Vulnerability Atlassian has released software fixes to address four critical flaws in its software that, if successfully exploited, could result in remote code execution. The list of vulnerabilities is below – CVE-2022-1471 (CVSS score: 9.8) Read more…
WhatsApp’s New Secret Code Feature Lets Users Protect Private Chats with Password Dec 01, 2023NewsroomPrivacy / Data Protection Meta-owned WhatsApp has launched a new Secret Code feature to help users protect sensitive conversations with a custom password on the messaging platform. The feature has been described as an “additional way Read more…
New Ransomware Group Emerges with Hive’s Source Code and Infrastructure Nov 13, 2023NewsroomCyber Threat / Malware The threat actors behind a new ransomware group called Hunters International have acquired the source code and infrastructure from the now-dismantled Hive operation to kick-start its own efforts in the threat landscape. “It appears Read more…
The story of MS13-002: How incorrectly casting fat pointers can make your code explode | MSRC Blog C++ supports developers in object-orientated programming and removes from the developer the responsibility of dealing with many object-oriented programming (OOP) paradigm problems. But these problems do not magically disappear. Rather it is the Read more…
A proactive approach to more secure code | MSRC Blog What if we could eliminate an entire class of vulnerabilities before they ever happened? Since 2004, the Microsoft Security Response Centre (MSRC) has triaged every reported Microsoft security vulnerability. From all that triage one astonishing fact sticks out: as Matt Read more…
Microsoft mitigates Power Platform Custom Code information disclosure vulnerability | MSRC Blog On 30 March 2023, Tenable informed Microsoft under Coordinated Vulnerability Disclosure (CVD) of a security issue concerning Power Platform Custom Connectors using Custom Code. This feature allows customers to write code for custom connectors. This issue has been Read more…
BIG-IP Vulnerability Allows Remote Code Execution Oct 27, 2023NewsroomNetwork Security / Vulnerability F5 has alerted customers of a critical security vulnerability impacting BIG-IP that could result in unauthenticated remote code execution. The issue, rooted in the configuration utility component, has been assigned the CVE identifier CVE-2023-46747, and carries a CVSS Read more…