Hacker Selling 340 Million OnlyFans User Records Built From Old Breaches

A hacker is selling a 340M OnlyFans user database allegedly built by matching old breach data and public profiles to real OnlyFans accounts...

The vulnerability of BitLocker’s data protection function in the Microsoft Windows operating system allows attackers to circumvent existing security restrictions.

The vulnerability of BitLocker’s data protection function in the Microsoft Windows operating system is related to a breach of the data protection mechanism. Exploiting this vulnerability could allow an attacker to circumvent existing security restrictions...

How Attorneys Are Harming Cybersecurity Incident Response

New paper: "Lessons Lost: Incident Response in the Age of Cyber Insurance and Breach Attorneys": Abstract: Incident Response IR allows victim firms to detect, contain, and recover from security incidents. It should also help the wider community avoid similar attacks in the future. In pursuit of...

The vulnerability of the Kerberos protocol implemented in Windows operating systems allows attackers to compromise the integrity of protected information.

The vulnerability of the Kerberos protocol in the Windows operating system is related to a breach of the data protection mechanism. Exploiting this vulnerability allows an attacker, acting remotely, to compromise the integrity of the protected information...

Steamer - Import, Search, and Manage Public Password Breach Data

Import, manage, search public dumps. Do you have massive amounts of CSV, .sql, .txt, that have credentials, passwords, and hashes inside? Use Steamer to manage them! Load them into a MongoDB database, and either uses the console directly or just use the handy web interface complete with JSON...

Vulnerabilities in the Debian GNU/Linux operating system that allow a local malicious individual to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the linux-headers-2.6-r4k-kn04 package of the Debian GNU/Linux operating system may lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited by local malicious individuals...

Vulnerabilities in the Debian GNU/Linux operating system that allow a local malicious individual to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the linux-image-alpha-smp operating system package of the Debian GNU/Linux distribution can be exploited, which may lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited by local malicious...

Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the XFree86-cyrillic-fonts-4.3.0 package of the Red Hat Enterprise Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the integrity of protected information.

The vulnerability of the subscription-manager-gui-1.0.24.1 package for the Red Hat Enterprise Linux operating system can lead to a breach of protected information. This vulnerability can be exploited remotely...

Relax, You Don't Have to Fix Every Vulnerability

Here’s an idea: stop fixing every vulnerability you read about. The best thing to do, it turns out, is to look at the vulnerabilities that are in both Metasploit and the Exploit Database and fix those. That gives you the highest chance of fixing bugs that are likely to be used in an actual attack...