Frank Crast

PwnKit: “Trivially exploitable” vulnerability found in Linux Polkit’s pkexec tool

Researchers have discovered a “trivially exploitable” local privilege escalation vulnerability (CVE-2021-4034) in Polkit’s pkexec tool that affects likely every major Linux distribution.

PwnKit: “Trivially exploitable” vulnerability found in Linux Polkit’s pkexec tool Read More »

NIST SP 800-53A Revision 5: Assessing Security and Privacy Controls in Information Systems and Organizations

The National Institute of Standards and Technology (NIST) has issued the NIST SP 800-53A “Assessing Security and Privacy Controls in Information Systems and Organizations.”

NIST SP 800-53A Revision 5: Assessing Security and Privacy Controls in Information Systems and Organizations Read More »

FIPS 201-3: Personal Identity Verification (PIV) of Federal Employees and Contractors

The U.S. Secretary of Commerce has approved the publication of FIPS 201-3, the National Institute of Standards and Technology (NIST) latest revision of “Personal Identity Verification (PIV) of Federal Employees and Contractors.”

FIPS 201-3: Personal Identity Verification (PIV) of Federal Employees and Contractors Read More »

CISA adds 8 new actively exploited vulnerabilities (to include latest Apple zero-day)

The Cybersecurity and Infrastructure Security Agency (CISA) has published 8 new actively exploited vulnerabilities, one of those vulnerabilities (CVE-2022-22587) recently fixed by Apple.

CISA adds 8 new actively exploited vulnerabilities (to include latest Apple zero-day) Read More »

Apple releases iOS 15.3, macOS Monterey 12.2 and other product security updates (with fixes for zero-day vulnerability exploit in wild)

Apple has released security updates for iOS 15.3, macOS Monterey 12.2, macOS Big Sur 11.6.3, and other Apple products. The updates also address a zero-day vulnerability (CVE-2022-22587) exploited in the wild.

Apple releases iOS 15.3, macOS Monterey 12.2 and other product security updates (with fixes for zero-day vulnerability exploit in wild) Read More »