Friday, June 5, 2020
Apple

Apple Security Advisory 2020-06-01-4

Apple Security Advisory 2020-06-01-4 - watchOS 6.2.6 is now available and addresses a code execution vulnerability.
Apple

Apple Security Advisory 2020-06-01-3

Apple Security Advisory 2020-06-01-3 - tvOS 13.4.6 is now available and addresses a code execution vulnerability.
Apple

Apple Security Advisory 2020-06-01-2

Apple Security Advisory 2020-06-01-2 - macOS Catalina 10.15.5 Supplemental Update, Security Update 2020-003 High Sierra are now available and address a code execution vulnerability.
Apple

Apple Security Advisory 2020-06-01-1

Apple Security Advisory 2020-06-01-1 - iOS 13.5.1 and iPadOS 13.5.1 are now available and address a code execution vulnerability.
Apple

Apple Security Advisory 2020-05-26-4

Apple Security Advisory 2020-05-26-4 - tvOS 13.4.5 addresses code execution, cross site scripting, denial of service, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
Apple

Apple Security Advisory 2020-05-26-11

Apple Security Advisory 2020-05-26-11 - Windows Migration Assistant 2.2.0.0 (v. 1A11) is now available and addresses a code execution vulnerability.
Apple

Apple Security Advisory 2020-05-26-10

Apple Security Advisory 2020-05-26-10 - iCloud for Windows 7.19 is now available and addresses code execution, cross site scripting, denial of service, out of bounds read, and out of bounds write vulnerabilities.
Apple

Apple Security Advisory 2020-05-26-9

Apple Security Advisory 2020-05-26-9 - iCloud for Windows 11.2 is now available and addresses code execution, cross site scripting, denial of service, out of bounds read, and out of bounds write vulnerabilities.
Apple

Apple Security Advisory 2020-05-26-5

Apple Security Advisory 2020-05-26-5 - watchOS 6.2.5 addresses code execution, cross site scripting, denial of service, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
Apple

Apple Security Advisory 2020-05-26-8

Apple Security Advisory 2020-05-26-8 - iTunes 12.10.7 for Windows addresses code execution, cross site scripting, denial of service, out of bounds read, and out of bounds write vulnerabilities.
Apple

Apple Security Advisory 2020-05-26-3

Apple Security Advisory 2020-05-26-3 - macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra are now available and address bypass, code execution, denial of service, double free, information leakage, integer overflow, out of bounds read, out...
Apple

Apple Security Advisory 2020-05-26-7

Apple Security Advisory 2020-05-26-7 - Safari 13.1.1 is now available and addresses code execution and cross site scripting vulnerabilities.
Apple

Apple Security Advisory 2020-05-26-6

Apple Security Advisory 2020-05-26-6 - watchOS 5.3.7 addresses a memory corruption vulnerability.
Apple

Apple Security Advisory 2020-05-26-1

Apple Security Advisory 2020-05-26-1 - iOS 13.5 and iPadOS 13.5 address bypass, code execution, cross site scripting, denial of service, double free, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
Apple

Apple Security Advisory 2020-05-26-2

Apple Security Advisory 2020-05-26-2 - iOS 12.4.7 addresses an out of bounds write vulnerability.
SC Magazine

Cisco security advisories address 47 flaws, three critical

Cisco Systems on Wednesday, June 3 released a series of security advisories addressing a total of 47 vulnerabilities, including three critical bugs that were found and fixed in IOS or IOS EX software. Among the most series flaws is a...

Electrolux, Others Conned Out of Big Money by BEC Scammer

Kenenty Hwan Kim has pleaded guilty to swindling the appliance giant and other companies in a set of elaborate schemes.
The Register

Kind of goes without saying, but fix your admin passwords or risk getting borged by this brute-forcing botnet

Publishing platforms, hosts being targeted by Stealthworker malware Servers are being targeted with a malware attack that uses its infected hosts to brute-force other machines.…

News Wrap: Fake Minneapolis Police Breach, Zoom End-To-End Encryption Debate

Threatpost editors discuss debunked reports of a Minneapolis police department breach and Zoom announcing only paying users would get end-to-end encryption.
ZDNet

QNAP NAS devices targeted in another wave of ransomware attacks

eCh0raix ransomware gang returns with a new wave of attacks against QNAP NAS devices.