Lucene search
K

2665 matches found

Malwarebytes
Malwarebytes
added 2021/03/08 12:50 p.m.38 views

International Women’s Day: Women in tech name their heroes

Happy Monday! And if you haven’t yet checked the significance of this day—March 8—before grabbing coffee, today is International Women’s Day IWD. Since March 19, 1911, the year the very first IWD was observed in several European countries, millions of people have been calling for women to be give...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/03/01 2:0 p.m.39 views

Defending online anonymity and speech with Eva Galperin: Lock and Code S02E03

This week on Lock and Code, we discuss the top security headlines generated right here on Labs. In addition, we talk to Eva Galperin, director of cybersecurity for Electronic Frontier Foundation, about the importance of protecting online anonymity and speech. In January, the New York Times expose...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2021/02/23 3:17 p.m.60 views

Clop targets execs, ransomware tactics get another new twist

Ransomware peddlers have come up with yet another devious twist on the recent trend for data exfiltration. After interviewing several victims of the Clop ransomware, ZDNet discovered that its operators appear to be systematically targeting the workstations of executives. After all, the top manage...

6.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/02/23 12:18 p.m.49 views

Dependency Confusion: Another Supply-Chain Vulnerability

Alex Birsan writes about being able to install malware into proprietary corporate software by naming the code files to be identical to internal corporate code files. From a ZDNet article: Today, developers at small or large companies use package managers to download and import libraries that are...

1AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2021/02/22 3:0 p.m.49 views

VMware Carbon Black Named to the 2021 CRN Security 100 List

We are proud to announce that CRN®, a brand of The Channel Company, has named VMware Carbon Black to its annual Security 100 list. The Security 100 list features leading IT channel security vendors and is compiled by a panel of CRN editors, recognizing channel-focused security vendors across five...

1.3AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2021/02/17 2:0 p.m.44 views

Parler Says It’s Back

The platform was kicked off Amazon’s servers. Now it says it no longer relies on “Big Tech” for its infrastructure...

3.5AI score
Exploits0
The Hacker News
The Hacker News
added 2021/02/17 7:11 a.m.98 views

Malvertisers Exploited WebKit 0-Day to Redirect Browser Users to Scam Sites

A malvertising group known as "ScamClub" exploited a zero-day vulnerability in WebKit-based browsers to inject malicious payloads that redirected users to fraudulent websites gift card scams. The attacks, first spotted by ad security firm Confiant in late June 2020, leveraged a bug CVE-2021–1801...

6.5CVSS0.8AI score0.01515EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2021/02/12 5:1 p.m.61 views

Malvertising campaign on PornHub and other top adult brands exposes users to tech support scams

Threat actors involved in tech support scams have been running a browser locker campaign from November 2020 until February 2021 on the worlds largest adult platforms including PornHub. The same group behind this campaign has been active for much longer and we believe is tied to previous schemes...

7.2AI score
Exploits0
Akamai Blog
Akamai Blog
added 2021/02/08 2:0 p.m.41 views

Inspiring the Next Generation with DigiGirlz

photo courtesy of Microsoft DigiGirlz is an initiative organized by Microsoft to engage girls in technological education and careers. The initiative, which launched in 2000, consists of two main programs: DigiGirlz Day and High Tech Camp. This program has been a cornerstone of Microsoft's communi...

7.1AI score
Exploits0
Akamai Blog
Akamai Blog
added 2021/02/08 5:0 a.m.20 views

Inspiring the Next Generation with DigiGirlz

DigiGirlz is an initiative organized by Microsoft to engage girls in technological education and careers. The initiative, which launched in 2000, consists of two main programs: DigiGirlz Day and High Tech Camp. This program has been a cornerstone of Microsoft's community engagement for more than ...

2.3AI score
Exploits0
CNVD
CNVD
added 2021/01/25 12:0 a.m.2 views

SQL Injection Vulnerability in Jinan Ganan Information Technology Co.

Ltd. is a high-tech company engaged in Internet services, mainly for enterprises to provide website construction, website promotion and so on. Ltd. has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive information from the database...

7.5AI score
Exploits0
CNVD
CNVD
added 2021/01/22 12:0 a.m.5 views

Skyworth Home Gateway Smart Terminal DT541 suffers from Denial of Service Vulnerability (CNVD-2021-10399)

hereinafter referred to as "Skyworth Digital" is a national high-tech enterprise focusing on providing comprehensive and systematic digital home solutions and services for global users. A denial of service vulnerability exists in the Skyworth Home Gateway Smart Terminal DT541, which can be...

7AI score
Exploits0
Akamai Blog
Akamai Blog
added 2021/01/20 5:0 a.m.13 views

A Place To Belong

While I've worked for Silicon Valley-based startups and even spent time in the travel tech industry, I'd sometimes feel I was just part of the system. Working each day to earn my keep, and with no bigger purpose than that...

1AI score
Exploits0
CNVD
CNVD
added 2021/01/18 12:0 a.m.3 views

Skyworth Digital Corporation DT521 suffers from a denial of service vulnerability

"Skyworth Digital" is a national high-tech enterprise specializing in providing comprehensive and systematic digital home solutions and services for global users. A denial of service vulnerability exists in Skyworth Digital's DT521, which can be exploited by attackers to cause a denial of service...

7AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2021/01/16 1:0 p.m.55 views

The Race Is On to Identify and Stop Inauguration Rioters

As tech companies scramble to tackle the extreme far-right, police and law enforcement are encasing Washington, DC, in a ring of steel...

2.9AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2021/01/13 6:13 p.m.27 views

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Jul 2020 - Includes Oracle Jul 2020 CPU plus one additional vulnerability

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 7, and 8 that are used by Maximo Asset Management, Maximo Asset Management Essentials, Maximo Asset Management for Energy Optimization, Maximo Asset Management Essentials, Maximo Industry Solutions including...

8.3CVSS2AI score0.04315EPSS
Exploits0Affected Software20
RedHat Linux
RedHat Linux
added 2021/01/13 6:1 p.m.85 views

Important: Red Hat Security Advisory: Red Hat Integration Tech-Preview 2 Camel K security update

An update to the Camel K operator image for Red Hat Integration tech-preview is now available. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

7.7CVSS7.2AI score0.04094EPSS
Exploits0References3
ThreatPost
ThreatPost
added 2021/01/11 8:54 p.m.40 views

Researcher Builds Parler Archive Amid Amazon Suspension

A security researcher said she has scraped and is archiving 99 percent of Parler’s public posts, as the social-media network goes offline following suspensions from Amazon, Apple and Google. Archived content includes public posts from the social-media site. These posts reportedly included Parler...

6.3AI score
Exploits0References19
RustSec
RustSec
added 2021/01/08 12:0 p.m.17 views

Buffer overflow in SmallVec::insert_many

A bug in the SmallVec::insertmany method caused it to allocate a buffer that was smaller than needed. It then wrote past the end of the buffer, causing a buffer overflow and memory corruption on the heap. This bug was only triggered if the iterator passed to insertmany yielded more items than the...

9.8CVSS1.1AI score0.01666EPSS
Exploits1Affected Software1
ThreatPost
ThreatPost
added 2021/01/07 6:8 p.m.37 views

New Year, New Ransomware: Babuk Locker Targets Large Corporations

Only a few days into the new year, one of the first new ransomware strains of 2021 has been discovered. Dubbed Babuk Locker, the ransomware appears to have successfully compromised five companies thus far, according to new research. The research author, Chuong Dong, a computer science student at...

7AI score
Exploits0References15
Rows per page
Query Builder