Microsoft May 2023 Patch released

Microsoft has fixed 49 vulnerabilities in its May 2023 Patch Tuesday edition. Below is the list of the addressed vulnerabilities in the May 2023 Patch Tuesday release:

Tag | CVE ID | CVE Title | Severity
Microsoft Bluetooth Driver | CVE-2023-24947 | Windows Bluetooth Driver Remote Code Execution Vulnerability | Important
Microsoft Bluetooth Driver | CVE-2023-24948 | Windows Bluetooth Driver Elevation of Privilege …

Microsoft April Patches and Watchlist

Microsoft has released the April 2023 Patch Tuesday update, which has fixes for 1 zero-day and 97 flaws. Apply the Microsoft March Patch Tuesday update if you have not patched yet. The March 2023 Microsoft vulnerabilities are classified as follows:

Vulnerability Category | Quantity | Severities
Spoofing Vulnerability | 10 | Important: 6
Denial of Service Vulnerability | 4 | Important: 3, Critical: 1
Elevation of Privilege …

Pegasus in News

Posted in Cyber Security by Suman Tiwari

Pegasus is spyware developed by the Israeli cyberarms firm NSO Group that can be covertly installed on mobile phones running most versions of iOS and Android. The 2021 Project Pegasus revelations suggest that the current Pegasus software can exploit all recent iOS versions up to iOS 14.6. (Wikipedia) Here are a few publications and technical …

Regular Expression

Posted in Cyber Security by Suman Tiwari

A regular expression is also known as a rational expression or regex. It is a sequence of characters that defines a search pattern. Such patterns are usually used by string-searching algorithms for “find” or “find and replace” operations on strings, or for input validation. It is a technique developed in theoretical computer science and formal …

How to Fix Insecure Deserialisation

The following checks should be implemented before Java objects are deserialized or read, or before any operation is performed on them:

1. The returned Object is also cast to the specified type
2. Check that the classes referenced are safe (class whitelisting)
3. The number of bytes allowed should be limited (else may lead to denial of …