Wednesday, February 20, 2019
Apple

Apple macOS 10.13.5 Local Privilege Escalation

Apple macOS version 10.13.5 local privilege escalation exploit.
Apple

Apple Security Advisory 2019-2-07-1

Apple Security Advisory 2019-2-07-1 - iOS 12.1.4 is now available and addresses memory corruption vulnerabilities.
Apple

Apple Security Advisory 2019-2-07-3

Apple Security Advisory 2019-2-07-3 - Shortcuts 2.1.3 for iOS is now available and addresses information disclosure and sandbox escape vulnerabilities.
Apple

Apple Security Advisory 2019-2-07-1

Apple Security Advisory 2019-2-07-1 - iOS 12.1.4 is now available and addresses memory corruption and logic issues.
Apple

Apple Security Advisory 2019-2-07-2

Apple Security Advisory 2019-2-07-2 - macOS Mojave 10.14.3 Supplemental Update is now available and addresses memory corruption and logic issues.
Apple

Apple Security Advisory 2019-1-24-1

Apple Security Advisory 2019-1-24-1 - iTunes 12.9.3 for Windows is now available and addresses code execution and cross site scripting vulnerabilities.
Apple

Apple Security Advisory 2019-1-22-4

Apple Security Advisory 2019-1-22-4 - tvOS 12.1.2 is now available and addresses buffer overflow, code execution, and cross site scripting vulnerabilities.
Apple

Apple Security Advisory 2019-1-22-5

Apple Security Advisory 2019-1-22-5 - Safari 12.0.3 is now available and addresses code execution and cross site scripting vulnerabilities.
Apple

Apple Security Advisory 2019-1-22-6

Apple Security Advisory 2019-1-22-6 - iCloud for Windows 7.10 is now available and addresses code execution and cross site scripting vulnerabilities.
Apple

Apple Security Advisory 2019-1-22-1

Apple Security Advisory 2019-1-22-1 - iOS 12.1.3 is now available and addresses buffer overflow, code execution, cross site scripting, and denial of service vulnerabilities.
Apple

Apple Security Advisory 2018-12-06-1

Apple Security Advisory 2018-12-06-1 - watchOS 5.1.2 is now available and addresses code execution and denial of service vulnerabilities.
Apple

Apple Security Advisory 2018-12-05-7

Apple Security Advisory 2018-12-05-7 - Shortcuts 2.1.2 is now available and addresses an undisclosed issue.
Apple

Apple Security Advisory 2018-12-05-5

Apple Security Advisory 2018-12-05-5 - iTunes 12.9.2 for Windows is now available and addresses code execution vulnerabilities.
Apple

Apple Security Advisory 2018-12-05-6

Apple Security Advisory 2018-12-05-6 - iCloud for Windows 7.9 is now available and addresses code execution vulnerabilities.
Apple

Apple Security Advisory 2018-12-05-3

Apple Security Advisory 2018-12-05-3 - tvOS 12.1.1 is now available and addresses code execution and denial of service vulnerabilities.

Can you really sniff out gas station card skimmers with your phone?

A viral post suggests (wrongly) that card skimmers always use Bluetooth. Anyway, just looking at nearby Bluetooth names doesn't help much...
SecurityWeek

Canada Helping Australia Determine ‘Full Extent’ of Hack

Canada's electronic eavesdropping agency said Wednesday it is working with Canberra to try to determine the scale of computer hacking on Australia's parliament and political parties just months from an election. read more

Researcher: Not Hard for a Hacker to Capsize a Ship at Sea

Maritime transport still contributes in an important way to the world’s economy, with on-time shipments influencing everything from commodities availability and spot pricing to the stability of small countries. Unfortunately, capsizing a ship with a cyberattack is a relatively...
SC Magazine

30 years in: My, how SC and security have changed

1989. Acid wash jeans, Bon Jovi and the compassionate conservatism of the Reagan Era were actually, unironically popular. The Berlin Wall fell, free elections were held in the then Soviet Congress of Deputies, Vaclev Havel became president of Czechoslavakia,...
SecurityWeek

WinPot ATM Malware Resembles a Slot Machine

A piece of malware targeting automated teller machines (ATMs) has an interface that looks like a slot machine, Kaspersky Lab reports.  Dubbed WinPot, the malware was initially detected in March last year, targeting the ATMs of a popular vendor to...