CrowdStrike Publishes External Technical Root Cause Analysis
CrowdStrike has published a technical root cause analysis of the July 19 incident that disrupted travel and commerce worldwide due to an out-of-bounds read issue “beyond the end of the…
Authorities have seized over $41 million that was stolen from a commodities firm in Singapore in a business email compromise (BEC) attack. The thieves, impersonating a supplier, requested that a…
Researchers from Graz University of Technology in Austria have published a paper that describes “a novel kernel exploitation technique elevating a limited heap vulnerability to an arbitrary memory read-and-write primitive.”…
AWS says it is using a neural network called Mithra, “a massive internal neural network graph model … that uses algorithms for threat intelligence” to identify malicious domains. Mithra has…
The US Treasury Department has imposed sanctions on two individuals for their alleged involvement in cyberattacks against elements of US critical infrastructure. Yuliya Pankratova allegedly oversaw operations for a hacking…
Check Point Research has discovered a network of GitHub accounts that have been used to distribute malware and malicious links. The accounts also “perform other actions such as starring, forking,…
In a Preliminary Post Incident Review, CrowdStrike explains how they missed the error in the Falcon update for Windows last week. CrowdStrike says that a bug in their “Content Validator”…
Security firm KnowBe4 is sharing a cautionary tale. A North Korean hacker used a stolen identity to apply for a position as a software engineer at KnowBe4. Thanks to the…
A ransomware group is exploiting a known vulnerability in Veeam to infect systems with a LockBit variant. A fix for the high-severity flaw in Veeam Backup & Replication software was…
VMware has released updates for their Aria Automation product to address an SQL-injection vulnerability that could be exploited to perform unauthorized read/write operations in the database. The vulnerability is due…