+84949482065
Check Point Research has discovered a network of GitHub accounts that have been used to distribute malware and malicious links. The accounts also “perform other actions such as starring, forking,…
In a Preliminary Post Incident Review, CrowdStrike explains how they missed the error in the Falcon update for Windows last week. CrowdStrike says that a bug in their “Content Validator”…
Security firm KnowBe4 is sharing a cautionary tale. A North Korean hacker used a stolen identity to apply for a position as a software engineer at KnowBe4. Thanks to the…
A ransomware group is exploiting a known vulnerability in Veeam to infect systems with a LockBit variant. A fix for the high-severity flaw in Veeam Backup & Replication software was…
VMware has released updates for their Aria Automation product to address an SQL-injection vulnerability that could be exploited to perform unauthorized read/write operations in the database. The vulnerability is due…
Indonesia’s National Data Center was hit with ransomware attack. The incident has disrupted multiple services, including immigration document management as well as school and university enrollment services. Indonesia’s Communications Ministry…
Automobile dealership software-as-a-service (SaaS) provider CDK Global has set up interactive voice-response lines for customers to obtain information about the ransomware attack that has disrupted operations at its customers’ organizations.…
A critical use-after-free vulnerability in the HTTP Connection Headers parsing in Tinyproxy versions 1.11.1 and 1.10.0 can be exploited to achieve memory corruption and remote code execution. The vulnerability is…
HPE Aruba Networking has released updates to address a total of 10 vulnerabilities in ArubaOS. Of those 10, four are critical unauthenticated buffer overflow vulnerabilities that could be exploited to…
Researchers from Microsoft Threat Intelligence have published their investigation into a tool used by Russian state-sponsored threat actors that exploits a known vulnerability (CVE-2022-38028) in the Windows Print Spooler service.…
