Aggregator

A vulnerability classified as problematic has been found in MediaTek MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8667, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T and MT8797. Affected is an unknown function of the component Keyinstall. The manipulation leads to out-of-bounds read. This vulnerability is traded as CVE-2023-20711. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as problematic was found in MediaTek MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8168, MT8175, MT8365, MT8786, MT8789, MT8791T and MT8797. Affected by this vulnerability is an unknown functionality of the component Vcu. The manipulation leads to information disclosure. This vulnerability is known as CVE-2023-20717. The attack needs to be approached locally. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as critical has been found in MediaTek MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT8195, MT8768, MT8786, MT8788, MT8789 and MT8797. Affected is an unknown function of the component Widevine. The manipulation leads to out-of-bounds write. This vulnerability is traded as CVE-2023-20701. Local access is required to approach this attack. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as critical was found in MediaTek MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT8321, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791T and MT8797. Affected by this vulnerability is an unknown functionality of the component Ril. The manipulation leads to out-of-bounds write. This vulnerability is known as CVE-2023-20707. Attacking locally is a requirement. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as problematic, has been found in MediaTek MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8666, MT8667, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T and MT8797. Affected by this issue is some unknown functionality of the component Keyinstall. The manipulation leads to out-of-bounds read. This vulnerability is handled as CVE-2023-20708. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as critical, was found in MediaTek MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8168, MT8175, MT8195, MT8365, MT8395, MT8673, MT8781, MT8786, MT8789, MT8791T and MT8797. This affects an unknown part of the component Vcu. The manipulation leads to out-of-bounds write. This vulnerability is uniquely identified as CVE-2023-20718. The attack needs to be approached locally. There is no exploit available. It is recommended to apply a patch to fix this issue.

2025年1月13日至17日，“谛听”团队参加“智能网联场景工业控制系统深度防御与安全处置技术”项目课题综合绩效评价会议！

2025年1月13日至17日，“谛听”团队参加“智能网联场景工业控制系统深度防御与安全处置技术”项目课题综合绩效评价会议！

2025年1月13日至17日，“谛听”团队参加“智能网联场景工业控制系统深度防御与安全处置技术”项目课题综合绩效评价会议！

2025年1月13日至17日，“谛听”团队参加“智能网联场景工业控制系统深度防御与安全处置技术”项目课题综合绩效评价会议！

2025年1月13日至17日，“谛听”团队参加“智能网联场景工业控制系统深度防御与安全处置技术”项目课题综合绩效评价会议！

从市场、政策、资本、技术及趋势等维度解读2024年网安产业发展态势和展望2025年趋势。

新年伊始，万象更新，过去的2024年发生了很多大事，俄乌战争进入相持、以色列团灭哈马斯高层、叙利亚阿萨德政府闪崩、韩国现任总统被弹劾拘捕，2024年全球共有76国大选，川普击败哈里斯再度上台成为全球政

新闻速览 美国希望拥有TikTok 50%股份，商务部回应 ChatGPT又全球大面积宕机，AI助手暂时&#8 […]

ChatGPT又全球大面积宕机，AI助手暂时”失联”；斯巴鲁系统漏洞曝光，数百万车辆面临远程解锁并启动风险 | 牛览 日期：2025年01月25日

当前，AI技术与安全运营的融合已成为行业趋势。根据 Gartner 预测，到 2030 年，75%的SOC团队 […]

《智能化安全运营中心应用指南（2025年）》报告暨代表性厂商评估调研启动 日期：2025年01月25日 阅：73

 

My deepest appreciation to all the incredible cybersecurity
luminaries who joined The Cybersecurity Vault podcast last year! Your
insights, expertise, and thought-provoking discussions made each episode
invaluable for the audience and myself. I appreciate your time and dedication
to advancing the industry!

The Cybersecurity Vault Podcast 2024 Recap:

1. Ian
   Thornton Trump, CISO at Cyjax Limited - Loops
   and Angles of Cybersecurity Compliance
2. Christine
   Bejerasco, CISO at WithSecure - Blaming
   Customers for Cybersecurity Breaches
3. Malcolm
   Harkins, Chief Security & Trust Officer at HiddenLayer - Incident Materiality and Meeting New SEC
   Requirements
4. Cassie
   Crossley, VP of Supply Chain Security at Schneider Electric - Best Practices in Securing 3rd Party
   Supply-Chain
5. Justin
   Daniels, M&A and Tech Transactions Attorney at Baker Donelson - Digital Dilemmas: Legal and Social
   Landscape of Ransom Payments
6. Lisa
   Forte, Partner at Red Goat Security - Hackers
   vs. Heroes: Cybersecurity Crisis Response Leadership Best Practices and Worst
   Fails
7. Donna
   Kidwell, CISO at University of Arizona - Guardians
   of Academia: Battling Cyber Threats in Higher Education
8. Ian
   Thornton Trump, CISO at Cyjax Limited - Ransomware:
   To Pay or Not to Pay?
9. Ejona
   Preci, Principal Manager-Cybersecurity Risk at RISK NOW -  Reality
   of Cybersecurity Risks for AI
10. Mikko
    Hypponen, Chief Research Officer at WithSecure - Rising Threat of Russia’s Cyber Warfare
11. Chase
    Cunningham, VP of Security market Research at G2 - Cybersecurity is Adversarial – Our Failures
    are Attackers Opportunities
12. Ira
    Winkler, CISO at CYE - CrowdStrike
    Global Outage: Unpacking the Fallout and Future
13. Ian
    Thornton Trump, CISO at Cyjax Limited - Chaos
    in Cyber Regulations and Lawsuits
14. Evgeniy
    Kharam, former VP Cybersecurity Architecture at Herjavec Group - Importance of Soft Skills in Cybersecurity
15. Ian
    Thornton Trump, CISO at Inversion6 - The
    Cyber Frenemy of the West: Understanding China

Looking forward, I am excited for all the great guests and conversations
we have lined up for 2025!

You can follow the Cybersecurity Insights channel here: https://www.youtube.com/CybersecurityInsights

The post The Cybersecurity Vault Podcast 2024 Recap appeared first on Security Boulevard.

My deepest