Enterprise Technical Security That Matters - March 11, 2022

Android's March 2022 Security Updates Patch 39 Vulnerabilities

Google this week announced the release of patches for 39 vulnerabilities as part of the March 2022 security update for Android. The most serious vulnerability is CVE-2021-39708, a remotely exploitable elevation of privilege issue identified in the System component. By Ionut Arghire I 'March 08, 2022 Read More

The new attack bypasses hardware defenses for Spectre flaw in Intel and ARM CPUs

The hardware-based mitigations introduced in Intel and ARM CPUs over the past few years to fix a serious flaw called Spectre are not as strong as believed. Researchers have devised a new attack method that can defeat the defenses, but exploitation is not as easy as with the original flaw. By Lucian Constantin I March 9, 2022 Read More

In-the-wild DDoS attack can be launched from a single packet to create terabytes of traffic

Dubbed CVE-2022-26143, the flaw resides in around 2,600 incorrectly provisioned Mitel MiCollab and MiVoice Business Express systems that act as PBX-to-internet gateways and have a test mode that should not be exposed to the internet. By Chris Duckett I March 9, 2022 Read More