CVE-2024-5921

An insufficient certification validation issue in the Palo Alto Networks GlobalProtect app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an attacker on the same subnet to install malicious root...

GRUB2 bootloader is vulnerable to buffer overflow

Overview The GRUB2 boot loader is vulnerable to buffer overflow, which results in arbitrary code execution during the boot process, even when Secure Boot is enabled. Description GRUB2 is a multiboot boot loader that replaced GRUB Legacy in 2012. A boot loader is the first program that runs upon...

Defending the power grid against supply chain attacks—Part 1: The risk defined

Most people don’t think about electricity. If the internet works, their food is refrigerated, and their debit card is approved, why should they? Its ubiquity and reliability render it invisible—a bit of magic that powers much of modern life. That is, until a large storm passes through. Localized...