Lucene search
K

119 matches found

The Hacker News
The Hacker News
added 2022/02/01 7:48 a.m.17 views

Reasons Why Every Business is a Target of DDoS Attacks

DDoS Distributed Denial of Service attacks are making headlines almost every day. 2021 saw a 434% upsurge in DDoS attacks, 5.5 times higher than 2020. Q3 2021 saw a 24% increase in the number of DDoS attacks in comparison to Q3 2020. Advanced DDoS attacks that are typically targeted, known as sma...

1.1AI score
Exploits0
ThreatPost
ThreatPost
added 2022/01/21 9:3 p.m.76 views

The Internet’s Most Tempting Targets

The number of exposed assets keeps climbing, but existing security strategies aren’t keeping up. Attack surfaces are getting more complex, and the excruciatingly hard part is figuring out where to focus. For every 1,000 assets on an attack surface, there is often only one that’s truly interesting...

10CVSS9.3AI score0.19087EPSS
Exploits1References13
ThreatPost
ThreatPost
added 2021/12/21 10:8 p.m.17 views

Time to Ditch Big-Brother Accounts for Network Scanning

In almost every network, there is a highly privileged service account remotely connecting to all computers. These accounts are usually used by backup, security or monitoring solutions. But using such accounts to remotely login to systems on the network introduces unnecessary risk — it’s a bad...

7.3AI score
Exploits0References3
The Hacker News
The Hacker News
added 2021/09/17 11:2 a.m.25 views

New Malware Targets Windows Subsystem for Linux to Evade Detection

A number of malicious samples have been created for the Windows Subsystem for Linux WSL with the goal of compromising Windows machines, highlighting a sneaky method that allows the operators to stay under the radar and thwart detection by popular anti-malware engines. The "distinct tradecraft"...

0.4AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2021/08/12 5:13 p.m.314 views

Popular Attack Surfaces, August 2021: What You Need to Know

See the Updates section at the end of this post for new information as it comes to light. Whether you attended virtually, IRL, or not at all, Black Hat and DEF CON have officially wrapped, and security folks’ brains are replete with fresh information on new and some not-so-new vulnerabilities and...

10CVSS9.6AI score0.99999EPSS
Exploits186
Rapid7 Blog
Rapid7 Blog
added 2021/07/07 6:7 p.m.32 views

[Security Nation] Jonathan Cran on demystifying startup funding for security companies

!\Security Nation\ Jonathan Cran on demystifying startup funding for security companieshttps://blog.rapid7.com/content/images/2021/07/securitynationlogo.jpg In this episode of Security Nation, we’re joined by Jonathan Cran. We wade into uncharted territory with Jonathan, as he claims the title of...

7.2AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/06/21 11:31 a.m.44 views

The Future of Machine Learning and Cybersecurity

The Center for Security and Emerging Technology has a new report: "Machine Learning and Cybersecurity: Hype and Reality." Heres the bottom line: The report offers four conclusions: Machine learning can help defenders more accurately detect and triage potential attacks. However, in many cases thes...

1.7AI score
Exploits0
Veracode
Veracode
added 2020/12/06 4:6 a.m.29 views

Privilege Escalation

AppArmor is vulnerable to privilege escalation attacks. An unauthenticated attacker could have increased attack surfaces which would allow privilege escalation due to the use of common logic to handle 'restart' operations...

5.9CVSS4AI score0.01589EPSS
Exploits0References6Affected Software1
The Hacker News
The Hacker News
added 2020/12/01 8:24 a.m.5 views

4 Free Online Cyber Security Testing Tools For 2021

Set of must-have online security tools that we believe may make a real difference to your cybersecurity program and improve your 2021 budget planning. In September, Gartner published a list of "Top 9 Security and Risk Trends for 2020" putting a bold emphasis on the growing complexity and size of...

6.1AI score
Exploits0
RedhatCVE
RedhatCVE
added 2020/10/05 5:15 p.m.32 views

CVE-2020-15675

When processing surfaces, the lifetime may outlive a persistent buffer leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox 81...

8.8CVSS3.9AI score0.01017EPSS
Exploits0References4
OSV
OSV
added 2020/10/01 7:15 p.m.3 views

CVE-2020-15675

When processing surfaces, the lifetime may outlive a persistent buffer leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox 81...

8.8CVSS7.6AI score0.01017EPSS
Exploits0References2
Prion
Prion
added 2020/10/01 7:15 p.m.23 views

Memory corruption

When processing surfaces, the lifetime may outlive a persistent buffer leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox 81...

6.8CVSS8.4AI score0.01017EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinux
added 2020/10/01 6:32 p.m.50 views

CVE-2020-15675

When processing surfaces, the lifetime may outlive a persistent buffer leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox 81...

8.8CVSS8.6AI score0.01017EPSS
Exploits0
The Hacker News
The Hacker News
added 2020/08/07 8:14 a.m.9 views

How COVID-19 Has Changed Business Cybersecurity Priorities Forever

For much of this year, IT professionals all over the globe have had their hands full, finding ways to help businesses cope with the fallout of the coronavirus COVID-19 pandemic. In many cases, it involved a rapid rollout of significant remote work infrastructure. That infrastructure was called in...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2020/08/07 8:14 a.m.46 views

How COVID-19 Has Changed Business Cybersecurity Priorities Forever

For much of this year, IT professionals all over the globe have had their hands full, finding ways to help businesses cope with the fallout of the coronavirus COVID-19 pandemic. In many cases, it involved a rapid rollout of significant remote work infrastructure. That infrastructure was called in...

7.3AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2020/01/30 7:11 a.m.53 views

ASSURE Aviation Cyber Security Testing

We've long been supporters and champions of a formalised approach to Aviation Cyber Security Testing. Our research and blogging has taken us on an interesting journey regarding airside and landside security, mapping attack surfaces and explaining how systems work and interact. Speaking and...

6.8AI score
Exploits0
RedHat Linux
RedHat Linux
added 2019/12/02 9:54 a.m.6 views

SDL: not fixed in Red Hat Enterprise Linux 7 erratum RHSA-2019:3950

A flaw was found with the RHSA-2019:3950 erratum, where it did not fix the CVE-2019-13616 SDL vulnerability. A heap-based buffer overflow flaw, in SDL while copying an existing surface into a new optimized one, due to a lack of validation while loading a BMP image, is possible. An application tha...

9.8CVSS7.5AI score0.01752EPSS
Exploits0References4
MSRC
MSRC
added 2019/09/11 7:0 a.m.14 views

Attacking the VM Worker Process

In the past year we invested a lot of time making Hyper-V research more accessible to everyone. Our first blog post, “First Steps in Hyper-V Research”, describes the tools and setup for debugging the hypervisor and examines the interesting attack surfaces of the virtualization stack components. W...

1.6AI score
Exploits0
MSRC
MSRC
added 2019/09/11 7:0 a.m.10 views

Attacking the VM Worker Process

In the past year we invested a lot of time making Hyper-V research more accessible to everyone. Our first blog post, “First Steps in Hyper-V Research”, describes the tools and setup for debugging the hypervisor and examines the interesting attack surfaces of the virtualization stack components. W...

7AI score
Exploits0
Kitploit
Kitploit
added 2019/04/08 9:30 p.m.47 views

Free Cynet Threat Assessment for Mid-sized and Large Organizations

If you cannot see what’s happening in your network, your ability to make smart security decisions will suffer. Many vendors offer threat assessment options, but they usually require an investment of time and resources. One vendor out there – Cynet – is offering a no-cost threat assessment to...

7.3AI score
Exploits0
Rows per page
Query Builder