Patch/Configuration Management, Vulnerability Management

Mozilla closes gaping remote code hole in Firefox

October 28, 2010

Mozilla quickly has turned around a patch for a dangerous zero-day vulnerability in its Firefox web browser. One day after the company publicly confirmed the flaw, Mozilla released a fix in Firefox versions 3.6.12 and 3.5.15, according to an advisory. The vulnerability, which was being exploited in the wild, could permit remote code execution. It was first discovered by researchers at security firm Norman ASA after discovering malware on the website for the Nobel Peace Price. — DK

SC Staff

Vulnerability Management

Apple patches TCC bypass vulnerability

SC StaffDecember 19, 2024

The vulnerability, tracked as CVE-2024-44131, was discovered in the FileProvider component and has been fixed in iOS 18, iPadOS 18, and macOS Sequoia 15 through improved validation of symbolic links.

concept of leaky software, data with a tap sticking out.3d illustration

Data Security

Misconfiguration exposes Virtavo security cam user data

SC StaffDecember 18, 2024

Over 8.7 million records, many of which are duplicates, were discovered within the server, including user phone numbers, network information, device identifiers, performance metrics, and other personal details, according to Cybernews researchers.