Recently, security researchers discovered four security vulnerabilities in the BIOSConnect feature of Dell SupportAssist. These vulnerabilities allow attackers to remotely execute code in the BIOS of the affected device. According to the official Dell...
Cortex XSOAR is Palo Alto’s SOAR (Security Orchestration Automation and Correspondence) product. Its main function is to extract alarm information across sources and execute automated workflows to speed up incident response. There are a...
VMware Carbon Black Cloud Workload (AppC) is a software-as-a-service (SaaS) solution that provides services such as next-generation anti-virus (NGAV), endpoint detection and response (EDR), advanced threat search, and vulnerability management, widely used in cloud...
If you use Google Chrome, you may have noticed that Google has launched a new version. Normally, Google Chrome should complete an automatic update and upgrade to the latest version (v91.0.4472.114). But if you...
Paint 3D is one of the programs pre-installed by Microsoft in the Windows 10 system. The program mainly provides more feature-rich picture editing. Of course, the usage rate of this program is so low...
Last week, GitHub disclosed the details of an easily exploitable Linux vulnerability that can be used to elevate the user privileges of the target system to root privileges. The vulnerability is classified as high-risk...
Google announced a new experimental abuse research funding program for abuse-related strategies and product issues outside the scope of existing vulnerability research funding and vulnerability reward programs (VRP). According to the introduction, the amount...
Well-known virtualization solution provider VMware recently issued an emergency security bulletin: The high-risk vulnerability in VMware vCenter Server is being exploited. This vulnerability is scored 9.8 points (out of 10 points). At least one...
Automattic, the company behind the WordPress content management system, will force a security update to be deployed on more than 5 million websites running the Jetpack WordPress plugin. Jetpack is a very popular WordPress...
For Apple’s self-developed M1 processor, some developers have now discovered that it has a huge loophole, so serious that it cannot be repaired if Apple does not modify the design. The Asahi Linux crew...
On May 26, 2021, VMware officially released a risk notice for the remote code execution vulnerability in VMware vCenter Server, which was discovered by Ricter Z, a security researcher at 360 Noah Lab. The...
Fingerprintjs, a developer of network fraud detection solutions, was researching anti-fraud technologies, it unexpectedly discovered that major browsers have program flood vulnerabilities. The test found that Google browser, Firefox browser, Tor Onion browser, and...
On May 17, 2021, XStream issues an alert about remote command execution vulnerability. The CVE number is CVE-2021-29505. This vulnerability has low complexity and high risk. XStream is a simple library to serialize objects...
Some network security researchers have discovered a series of different vulnerabilities in the wireless transmission protocol, that is, WiFi. These vulnerabilities are all related to the way WiFi handles large blocks of data, some...
The second Tuesday of every month is the day when Microsoft releases routine updates. Adobe now also releases updates along with Microsoft. Adobe also launched new security updates according to the release process. The...
On May 11, Microsoft officially released the May security update patch, which fixes a remote code execution vulnerability in the HTTP protocol stack (CVE-2021-31166), which exists in the HTTP protocol stack (http.sys). In the...
