News

Earlier this month, MITRE added Wiz to its list of CVE Naming Authorities, bringing the total numbers of CNAs to 400. This milestone comes at a time when the US…

A threat actor linked to the RansomHub ransomware has been observed using a new tool EDRKillShifter that can terminate EDR software on compromised systems. More info https://news.sophos.com/en-us/2024/08/14/edr-kill-shifter/

A critical security flaw, CVE-2024-37287, has been identified in Kibana, an open-source data visualization and exploration tool, which could allow attackers to execute arbitrary code via a prototype pollution vulnerability.…

The US National Institute of Standards and Technology (NIST) has published three post-quantum cryptography (PQC) algorithms: ML-KEM (Kyber), ML-DSA (Dilithium), and SLH-DSA (Sphincs+). A fourth algorithm, FN-DSA (FALCON), is expected…

Speaking at the BlackHat USA conference earlier this week, security researcher Patrick Wardle said that computer crash reports offer “a myriad of information that will allow us to extract malware,…

CrowdStrike has published a technical root cause analysis of the July 19 incident that disrupted travel and commerce worldwide due to an out-of-bounds read issue “beyond the end of the…

Authorities have seized over $41 million that was stolen from a commodities firm in Singapore in a business email compromise (BEC) attack. The thieves, impersonating a supplier, requested that a…