+84949482065
Earlier this month, MITRE added Wiz to its list of CVE Naming Authorities, bringing the total numbers of CNAs to 400. This milestone comes at a time when the US…
Researchers from Cisco Talos have provided details about eight vulnerabilities in Microsoft apps for macOS. The flaws could be exploited by injecting specially crafted libraries into the apps to access…
A threat actor linked to the RansomHub ransomware has been observed using a new tool EDRKillShifter that can terminate EDR software on compromised systems. More info https://news.sophos.com/en-us/2024/08/14/edr-kill-shifter/
A critical security flaw, CVE-2024-37287, has been identified in Kibana, an open-source data visualization and exploration tool, which could allow attackers to execute arbitrary code via a prototype pollution vulnerability.…
Threat actors have been found hijacking legitimate anti-virus software to conduct undetected malicious activities, using a new tool called SbaProxy that masquerades as legitimate anti-virus components to create proxy connections…
The US National Institute of Standards and Technology (NIST) has published three post-quantum cryptography (PQC) algorithms: ML-KEM (Kyber), ML-DSA (Dilithium), and SLH-DSA (Sphincs+). A fourth algorithm, FN-DSA (FALCON), is expected…
Speaking at the BlackHat USA conference earlier this week, security researcher Patrick Wardle said that computer crash reports offer “a myriad of information that will allow us to extract malware,…
Researchers at Oligo Security have identified a zero-day vulnerability affecting all major browsers that could be exploited to bypass browser security and possibly access local networks. According to the researchers,…
CrowdStrike has published a technical root cause analysis of the July 19 incident that disrupted travel and commerce worldwide due to an out-of-bounds read issue “beyond the end of the…
Authorities have seized over $41 million that was stolen from a commodities firm in Singapore in a business email compromise (BEC) attack. The thieves, impersonating a supplier, requested that a…
