The Android sandbox environment previously known as Android for Work is susceptible to “app-in-the-middle attacks” that put enterprise data at risk, Skycure security researchers say.
CyberX, a company that specializes in ICS security, has been monitoring a well-organized campaign that has targeted at least 70 entities with ties to Ukraine, including the country’s critical infrastructure.
An update released this week by Apple for the music creation app GarageBand addresses a high severity vulnerability that can be exploited for arbitrary code execution.
A high severity denial-of-service (DoS) vulnerability was patched on Thursday in OpenSSL with the release of version 1.1.0e.
The flaw, tracked as CVE-2017-3733, has been described as an “Encrypt-Then-Mac renegotiation crash.” The security hole, reported by Joe Orton of Red Hat on January 31, does not affect OpenSSL 1.0.2.
A cyber espionage operation linked to Iran and the recent Shamoon 2 attacks has targeted several organizations in the Middle East, particularly in Saudi Arabia.