News

Atlassian’s August 2024 Security Bulletin addresses vulnerabilities in Bamboo Data Center and Server, Confluence Data Center and Server, Crowd Data Center and Server, and Jira Data Center and Server, and…

Researchers from French security firm Quarkslab have discovered a backdoor affecting certain models of MIFARE Classis smart cards. The vulnerability allows the RFID cards to be instantaneously cloned, allowing access…

Researchers from Datadog Security Labs have detected a new campaign exploiting the Log4Shell vulnerability. The critical flaw was first detected in November 2021 and exploits surfaced less than two weeks…

Microsoft is rolling out mandatory multi-factor authentication (MFA) for Azure starting on October. At that time, “MFA will be required to sign-in to Azure portal, Microsoft Entra admin center, and…

Earlier this month, MITRE added Wiz to its list of CVE Naming Authorities, bringing the total numbers of CNAs to 400. This milestone comes at a time when the US…

A threat actor linked to the RansomHub ransomware has been observed using a new tool EDRKillShifter that can terminate EDR software on compromised systems. More info https://news.sophos.com/en-us/2024/08/14/edr-kill-shifter/

A critical security flaw, CVE-2024-37287, has been identified in Kibana, an open-source data visualization and exploration tool, which could allow attackers to execute arbitrary code via a prototype pollution vulnerability.…

The US National Institute of Standards and Technology (NIST) has published three post-quantum cryptography (PQC) algorithms: ML-KEM (Kyber), ML-DSA (Dilithium), and SLH-DSA (Sphincs+). A fourth algorithm, FN-DSA (FALCON), is expected…