The US government Cybersecurity and Infrastructure Security Agency (CISA) is one of my go to places for advice on product vulnerabilities and patching. There were two this week for VMware and Mozilla Firefox. VMware Releases Security Update for Aria Operations for Networks | CISA Mozilla Releases Security Updates for Multiple …
Google Chrome’s 9th zero-day vulnerability of 2022 now patched
Software is difficult and no matter how much vendors test, both black and white hackers will find vulnerabilities once the software has been released. The issue is how fast does the vendor respond with patches once a vulnerability has been found. Google Chrome emergency update fixes 9th zero-day of the …
Continue reading “Google Chrome’s 9th zero-day vulnerability of 2022 now patched”
CISA adds two vulnerabilities to the Known Exploited Vulnerabilities Catalog
The US government Cybersecurity and Infrastructure Security Agency (CISA) has added advisories for Oracle and Google to the Known Exploited Vulnerabilities Catalog it maintains: CISA Adds Two Known Exploited Vulnerabilities to Catalog | CISA
Google Chrome exploited zero-day vulnerability fixed
Google fixes fifth Chrome zero-day bug exploited this year (bleepingcomputer.com)
Anonymous browsing – not anymore
Researchers from the New Jersey Institute of Technology have written a paper, which they will present at the Usenix Security Symposium in Boston, demonstrating how threat actors (or governments or law enforcement) could de-anonymise a users from their browsing habits. The attackers would analyse browsing activity and state to determine …