+84949482065
A critical security flaw, CVE-2024-37287, has been identified in Kibana, an open-source data visualization and exploration tool, which could allow attackers to execute arbitrary code via a prototype pollution vulnerability.…
Threat actors have been found hijacking legitimate anti-virus software to conduct undetected malicious activities, using a new tool called SbaProxy that masquerades as legitimate anti-virus components to create proxy connections…
The US National Institute of Standards and Technology (NIST) has published three post-quantum cryptography (PQC) algorithms: ML-KEM (Kyber), ML-DSA (Dilithium), and SLH-DSA (Sphincs+). A fourth algorithm, FN-DSA (FALCON), is expected…
Speaking at the BlackHat USA conference earlier this week, security researcher Patrick Wardle said that computer crash reports offer “a myriad of information that will allow us to extract malware,…
Researchers at Oligo Security have identified a zero-day vulnerability affecting all major browsers that could be exploited to bypass browser security and possibly access local networks. According to the researchers,…
CrowdStrike has published a technical root cause analysis of the July 19 incident that disrupted travel and commerce worldwide due to an out-of-bounds read issue “beyond the end of the…
Authorities have seized over $41 million that was stolen from a commodities firm in Singapore in a business email compromise (BEC) attack. The thieves, impersonating a supplier, requested that a…
Researchers from Graz University of Technology in Austria have published a paper that describes “a novel kernel exploitation technique elevating a limited heap vulnerability to an arbitrary memory read-and-write primitive.”…
AWS says it is using a neural network called Mithra, “a massive internal neural network graph model … that uses algorithms for threat intelligence” to identify malicious domains. Mithra has…
The US Treasury Department has imposed sanctions on two individuals for their alleged involvement in cyberattacks against elements of US critical infrastructure. Yuliya Pankratova allegedly oversaw operations for a hacking…
