June 1, IDG News Service – (International) Apple vulnerability could allow firmware modifications, researcher says. A security researcher discovered a vulnerability in the firmware of Apple computers made before mid-2014 in which an attacker could tamper with the system’s unified extensible firmware interface (UEFI) and install a rootkit by exploiting a flaw that unlocks UEFI code when a computer goes to sleep and reawakens. Source
May 30, Softpedia – (International) Blue coat patches SSL visibility appliance against 4 security bugs. Carnegie Mellon University’s Computer Emergency Response Team (CERT) released an advisory warning of cross-site request forgery (CSRF), same-origin policy failure, and other flaws in Blue Coat’s Secure Sockets Layer (SSL) Visibility appliance in which a remote attacker could assume legitimate users’ identities and execute actions on their behalf. The company released a patch mitigating the vulnerabilities. Source