Lucene search
K

784 matches found

The Hacker News
The Hacker News
added 2023/05/10 6:31 p.m.5 views

Google Announces New Privacy, Safety, and Security Features Across Its Services

Google unveiled a slew of new privacy, safety, and security features today at its annual developer conference, Google I/O. The tech giant's latest initiatives are aimed at protecting its users from cyber threats, including phishing attacks and malicious websites, while providing more control and...

6.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/05/10 6:31 p.m.23 views

Google Announces New Privacy, Safety, and Security Features Across Its Services

Google unveiled a slew of new privacy, safety, and security features today at its annual developer conference, Google I/O. The tech giant's latest initiatives are aimed at protecting its users from cyber threats, including phishing attacks and malicious websites, while providing more control and...

6.2AI score
Exploits0
NVD
NVD
added 2023/05/08 4:15 p.m.18 views

CVE-2023-30551

Rekor is an open source software supply chain transparency log. Rekor prior to version 1.1.1 may crash due to out of memory OOM conditions caused by reading archive metadata files into memory without checking their sizes first. Verification of a JAR file submitted to Rekor can cause an out of...

7.5CVSS7.5AI score0.0105EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2023/05/08 3:52 p.m.107 views

CVE-2023-30551

Rekor is an open source software supply chain transparency log. Rekor prior to version 1.1.1 may crash due to out of memory OOM conditions caused by reading archive metadata files into memory without checking their sizes first. Verification of a JAR file submitted to Rekor can cause an out of...

7.5CVSS7.6AI score0.0105EPSS
Exploits0
Talos Blog
Talos Blog
added 2023/05/04 6:0 p.m.26 views

Threat Source newsletter (May 4, 2023) — Recapping the biggest headlines to come out of RSA

Welcome to this weeks edition of the Threat Source newsletter. I didnt attend the RSA Conference in person, and on top of that, I was at the NFL Draft while the conference was going on. Im behind on the biggest talks, panels and presentations that came out during the annual security conference, s...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2023/04/28 9:7 p.m.11 views

Friday Squid Blogging: More Squid Camouflage Research

Heres a research group trying to replicate squid cell transparency in mammalian cells. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...

6.7AI score
Exploits0
CISA
CISA
added 2023/04/28 12:0 p.m.10 views

CISA Requests for Comment on Secure Software Self-Attestation Form

CISA has issued requests for comment on the Secure Software Self-Attestation Form. CISA, in coordination with the Office of Budget and Management OMB, released proposed guidance on secure software. This guidance seeks to secure software leveraged by the federal government. CISA expects agencies t...

7AI score
Exploits0References3
MSRC
MSRC
added 2023/04/18 7:0 a.m.22 views

Microsoft Vulnerability Severity Classification for Online Services Publication

The Microsoft Security Response Center MSRC is always looking for ways to provide clarity and transparency around how we assess the impact of vulnerabilities reported in our products and services. We have published a new Microsoft Vulnerability Severity Classification for Online Services to provi...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/04/14 4:0 a.m.17 views

WhatsApp introduces new security features

WhatsApp has announced several new security features which include an extra check when an account is transferred to a new device. This check asks that users confirm the transfer on their old device. This should warn users in case there is a transfer in progress started by somebody trying to hijac...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/13 8:0 p.m.4 views

Google Launches New Cybersecurity Initiatives to Strengthen Vulnerability Management

Google on Thursday outlined a set of initiatives aimed at improving the vulnerability management ecosystem and establishing greater transparency measures around exploitation. "While the notoriety of zero-day vulnerabilities typically makes headlines, risks remain even after they're known and fixe...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/13 8:0 p.m.35 views

Google Launches New Cybersecurity Initiatives to Strengthen Vulnerability Management

Google on Thursday outlined a set of initiatives aimed at improving the vulnerability management ecosystem and establishing greater transparency measures around exploitation. "While the notoriety of zero-day vulnerabilities typically makes headlines, risks remain even after they're known and fixe...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/13 1:2 p.m.42 views

WhatsApp Introduces New Device Verification Feature to Prevent Account Takeover Attacks

Popular instant messaging app WhatsApp on Thursday announced a new account verification feature that ensures that malware running on a user's mobile device doesn't impact their account. "Mobile device malware is one of the biggest threats to people's privacy and security today because it can take...

6.2AI score
Exploits0
Kitploit
Kitploit
added 2023/04/11 12:30 p.m.39 views

Certwatcher - Tool For Capture And Tracking Certificate Transparency Logs, Using YAML Templates Based DSL

CertWatcher is a tool for capturing and tracking certificate transparency logs, using YAML templates. The tool helps detect and analyze websites using regular expression patterns and is designed for ease of use by security professionals and researchers. Certwatcher continuously monitors the...

7.3AI score
Exploits0References2
The Hacker News
The Hacker News
added 2023/04/06 3:40 a.m.30 views

Google Mandates Android Apps to Offer Easy Account Deletion In-App and Online

Google is enacting a new data deletion policy for Android apps that allow account creation to also offer users with a setting to delete their accounts in an attempt to provide more transparency and control over their data. "For apps that enable app account creation, developers will soon need to...

6.4AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/06 3:40 a.m.2 views

Google Mandates Android Apps to Offer Easy Account Deletion In-App and Online

Google is enacting a new data deletion policy for Android apps that allow account creation to also offer users with a setting to delete their accounts in an attempt to provide more transparency and control over their data. "For apps that enable app account creation, developers will soon need to...

6.4AI score
Exploits0
Kitploit
Kitploit
added 2023/03/15 11:30 a.m.37 views

CertWatcher - A Tool For Capture And Tracking Certificate Transparency Logs, Using YAML Templates Based DSL

CertWatcher is a tool for capture and tracking certificate transparency logs, using YAML templates. The tool helps to detect and analyze phishing websites and regular expression patterns, and is designed to make it easy to use for security professionals and researchers. Certwatcher continuously...

7.3AI score
Exploits0References3
Code423n4
Code423n4
added 2023/03/09 12:0 a.m.9 views

Lottery owner can rig the draw to win the jackpot by swapping the source

Lines of code Vulnerability details Lottery owner can rig the draw to win the jackpot by swapping the source Impact The lottery owner has the ability to swap the Random Source under certain cirumstances, and this can be exploited to set a new source contract that returns any number set by it. Thi...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/06 11:51 a.m.47 views

Experts Reveal Google Cloud Platform's Blind Spot for Data Exfiltration Attacks

Malicious actors can take advantage of "insufficient" forensic visibility into Google Cloud Platform GCP to exfiltrate sensitive data, a new research has found. "Unfortunately, GCP does not provide the level of visibility in its storage logs that is needed to allow any effective forensic...

1.1AI score
Exploits0
The Hacker News
The Hacker News
added 2023/02/24 9:0 a.m.46 views

Even Top-Ranked Android Apps in Google Play Store Provide Misleading Data Safety Labels

An investigation into data safety labels for Android apps available on the Google Play Store has uncovered "serious loopholes" that allow apps to provide misleading or outright false information. The study, conducted by the Mozilla Foundation as part of its Privacy Not Included initiative, compar...

6.8AI score
Exploits0
Fedora
Fedora
added 2023/02/22 10:16 a.m.33 views

[SECURITY] Fedora 37 Update: OpenImageIO-2.4.8.1-1.fc37

OpenImageIO is a library for reading and writing images, and a bunch of relat ed classes, utilities, and applications. Main features include: - Extremely simple but powerful ImageInput and ImageOutput APIs for reading a nd writing 2D images that is format agnostic. - Format plugins for TIFF,...

7.5CVSS6.5AI score0.01344EPSS
Exploits3
Rows per page
Query Builder