Risk of ‘significant data loss’ for on-prem customers

Apple has released security updates for its phones, iPads, Macs, watches and TVs.

Over the weekend rumours circulated on social networks of an unpatched security hole in the Signal messaging app that could allow a remote hacker to seize control of your smartphone.

Microsoft Threat Intelligence has revealed that it has been tracking the active exploitation of a vulnerability in Atlassian Confluence software since September 14, 2023.

Atlassian releases patch for a new zero-day vulnerability (CVE-2023-22515) in Confluence, risking admin account breaches on Data Center and Server.

Dubbed Looney Tunables by cybersecurity researchers at Qualys; the vulnerability resides within the GNU C Library's dynamic loader.

Experts warn of a critical zero-day vulnerability, tracked as CVE-2023-42115, in all versions of Exim mail transfer agent (MTA) software.

Cisco discloses a new vulnerability (CVE-2023-20109) in IOS Software and IOS XE Software with the potential for remote code execution.

En sécurité informatique, que valent les identificateurs CVE et les évaluations CVSS ?

https://www.cyberveille-sante.gouv.fr/alertes/apple-cve-2023-41990-2023-09-14

A zero-day vulnerability (CVE-2023-20269) in Cisco ASA and FTD is actively exploited in ransomware attacks, the company warns

Cybersecurity experts discovered a sneaky post-exploit trick allowing attackers to secretly stay connected while your device appears offline.

https://www.cert.ssi.gouv.fr/avis/CERTFR-2023-AVI-0649/

The Norwegian National Security Authority (NSM) has confirmed that attackers used a zero-day vulnerability in Ivanti's Endpoint Manager Mobile (EPMM) solution to breach a software platform used by 12 ministries in the country.

Critical Privilege Escalation Vulnerability in MikroTik RouterOS Poses a Severe Threat to Over Half a Million Devices

Apple Rolls Out Urgent Patches for Zero-Day Flaws Impacting iOS, iPadOS, macOS, tvOS, watchOS, and Safari