Online Privacy and Overfishing
Microsoft recently caught state-backed hackers using its generative AI tools to help with their attacks. In the security community, the immediate questions weren't about how hackers were using the tools (that was utterly predictable), but about how Microsoft figured it out. The natural conclusion.....
7AI Score
UnitedHealth Group has given an update on the February cyberattack on Change Healthcare, one of its subsidiaries. In the update, the company revealed the scale of the breach, saying: “Based on initial targeted data sampling to date, the company has found files containing protected health...
7.5AI Score
Top 7 Key Network Security Trends to Watch in 2011
Network security is on everyone's mind as 2010 comes to an end. Adam Powers, CTO of Atlanta-based Lancope, offers insights into expected trends for 2011. IT Consumerization and Internal Threats The introduction of consumer devices into corporate networks is reshaping security strategies....
7AI Score
Barracuda Networks Launches Bug Bounty Program for Security Products
Barracuda Networks announced on Tuesday that it will pay over $3,100 to anyone who can hack into its security products. This bug bounty program is the first of its kind from a pure-play security vendor. “This initiative reflects our commitment to our customers and the security community at large,”....
7.8AI Score
Tenda W30E fromRouteStatic function buffer overflow vulnerability
The Tenda W30E is a router from the Chinese company Tenda. A buffer overflow vulnerability exists in Tenda W30E version 1.0.1.25(633), which originates from the parameter page of the fromRouteStatic function in /goform/fromRouteStatic that fails to correctly validate the length of the input data,.....
8.8CVSS
8.4AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921e: fix use-after-free in free_irq() From commit a304e1b82808 ("[PATCH] Debug shared irqs"), there is a test to make sure the shared irq handler should be able to handle the unexpected event after deregistration......
6.9AI Score
0.0004EPSS
Canada Introduces Bill C-28 to Combat Spam with Hefty Fines
Spam is arguably the most irritating aspect of the internet and email for people globally. However, there is hope in Canada for those who have been targeted by spammers. A new law, Bill C-28, aims to facilitate government efforts in prosecuting and fining individuals and companies guilty of...
6.8AI Score
New PHP Vulnerability Exposes Windows Servers to Remote Code Execution
Details have emerged about a new critical security flaw impacting PHP that could be exploited to achieve remote code execution under certain circumstances. The vulnerability, tracked as CVE-2024-4577, has been described as a CGI argument injection vulnerability affecting all versions of PHP...
9.8CVSS
8.2AI Score
0.973EPSS
The US Government Has a Microsoft Problem
Microsoft has stumbled through a series of major cybersecurity failures over the past few years. Experts say the US government’s reliance on its systems means the company continues to get a free...
7.2AI Score
In the Linux kernel, the following vulnerability has been resolved: nouveau: lock the client object tree. It appears the client object tree has no locking unless I've missed something else. Fix races around adding/removing client objects, mostly vram bar mappings. 4562.099306] general protection...
7.5AI Score
0.0004EPSS
ASUS Patches Critical Authentication Bypass Flaw in Multiple Router Models
ASUS has shipped software updates to address a critical security flaw impacting its routers that could be exploited by malicious actors to bypass authentication. Tracked as CVE-2024-3080, the vulnerability carries a CVSS score of 9.8 out of a maximum of 10.0. "Certain ASUS router models have...
9.8CVSS
9.3AI Score
0.001EPSS
Snowflake Warns: Targeted Credential Theft Campaign Hits Cloud Customers
Cloud computing and analytics company Snowflake said a "limited number" of its customers have been singled out as part of a targeted campaign. "We have not identified evidence suggesting this activity was caused by a vulnerability, misconfiguration, or breach of Snowflake's platform," the company.....
7.2AI Score
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix warning during rehash As previously explained, the rehash delayed work migrates filters from one region to another. This is done by iterating over all chunks (all the filters with the same priority)...
6.4AI Score
0.0004EPSS
Only one critical issue disclosed as part of Microsoft Patch Tuesday
Microsoft released its monthly security update Tuesday, disclosing 49 vulnerabilities across its suite of products and software. Of those there is only one critical vulnerability. Every other security issues disclosed this month is considered "important." The lone critical security issue is...
9.8CVSS
9.8AI Score
0.003EPSS
Microsoft Uncovers 'Moonstone Sleet' — New North Korean Hacker Group
A never-before-seen North Korean threat actor codenamed Moonstone Sleet has been attributed as behind cyber attacks targeting individuals and organizations in the software and information technology, education, and defense industrial base sectors with ransomware and bespoke malware previously...
7.4AI Score
VMware Issues Patches for Cloud Foundation, vCenter Server, and vSphere ESXi
VMware has released updates to address critical flaws impacting Cloud Foundation, vCenter Server, and vSphere ESXi that could be exploited to achieve privilege escalation and remote code execution. The list of vulnerabilities is as follows - CVE-2024-37079 & CVE-2024-37080 (CVSS scores: 9.8) -...
9.8CVSS
8.7AI Score
0.044EPSS
New Attack Technique Exploits Microsoft Management Console Files
Threat actors are exploiting a novel attack technique in the wild that leverages specially crafted management saved console (MSC) files to gain full code execution using Microsoft Management Console (MMC) and evade security defenses. Elastic Security Labs has codenamed the approach GrimResource...
6.6AI Score
IT threat evolution Q1 2024 IT threat evolution Q1 2024. Mobile statistics IT threat evolution Q1 2024. Non-mobile statistics Targeted attacks Operation Triangulation: the final mystery Last June, we published a series of reports on Operation Triangulation, a previously unknown iOS malware...
7.8CVSS
6AI Score
0.003EPSS
The remote host appears to be a network printer, multi-function device, or other fragile device. Such devices often react very poorly when scanned. To avoid problems, Nessus has marked the remote host as 'Dead' and will not scan...
7.5AI Score
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash The rehash delayed work migrates filters from one region to another according to the number of available credits. The migrated from region is destroyed at the end....
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix memory leak during rehash The rehash delayed work migrates filters from one region to another. This is done by iterating over all chunks (all the filters with the same priority) in the region and in...
6.6AI Score
0.0004EPSS
Microsoft Edge (Chromium-based) Spoofing Vulnerability (CNVD-2024-17977)
Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. A spoofing vulnerability exists in Microsoft Edge (Chromium-based). An attacker could exploit this vulnerability to conduct spoofing...
3.3CVSS
6.4AI Score
0.001EPSS
Microsoft Warns of New 'FalseFont' Backdoor Targeting the Defense Sector
Organizations in the Defense Industrial Base (DIB) sector are in the crosshairs of an Iranian threat actor as part of a campaign designed to deliver a never-before-seen backdoor called FalseFont. The findings come from Microsoft, which is tracking the activity under its weather-themed moniker...
9.8CVSS
9.6AI Score
0.972EPSS
JVN#43215077: Multiple vulnerabilities in UNIVERSAL PASSPORT RX
UNIVERSAL PASSPORT RX provided by Japan System Techniques Co., Ltd. contains multiple vulnerabilities listed below. Cross-site scripting (CWE-79) CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Base Score 5.4 CVE-2023-42427 Dependency on vulnerable third-party component (CWE-1395) Known...
7.2AI Score
0.0004EPSS
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability (CNVD-2024-17975)
Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. Microsoft Edge (Chromium-based) suffers from an information disclosure vulnerability that can be exploited by attackers to escape the browser sandbox and obtain sensitive...
8.2CVSS
6.5AI Score
0.001EPSS
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability (CNVD-2024-17976)
Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. A remote code execution vulnerability exists in Microsoft Edge (Chromium-based), which can be exploited by an attacker to execute arbitrary code on a...
8.3CVSS
8.4AI Score
0.003EPSS
Expert Warns: Cyber Crime Now Operates Like Legitimate Businesses
Today's cybercrime has far-reaching implications for security professionals. Corporate environments are increasingly targeted, with intellectual property becoming a primary focus for criminal activity. According to Uri Rivner, head of new technologies, identity protection, and verification at RSA,....
7.2AI Score
Microsoft Edge (Chromium-based) Spoofing Vulnerability (CNVD-2024-17971)
Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. Microsoft Edge (Chromium-based) suffers from a spoofing vulnerability that can be exploited by attackers to override and spoof elements of the user...
4.3CVSS
6.8AI Score
0.001EPSS
New Research Warns About Weak Offboarding Management and Insider Risks
A recent study by Wing Security found that 63% of businesses may have former employees with access to organizational data, and that automating SaaS Security can help mitigate offboarding risks. Employee offboarding is typically seen as a routine administrative task, but it can pose substantial...
6.9AI Score
Beware: Fake Browser Updates Deliver BitRAT and Lumma Stealer Malware
Fake web browser updates are being used to deliver remote access trojans (RATs) and information stealer malware such as BitRAT and Lumma Stealer (aka LummaC2). "Fake browser updates have been responsible for numerous malware infections, including those of the well-known SocGholish malware,"...
7.1AI Score
Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability
Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. Microsoft Edge for Android (Chromium-based) suffers from an information disclosure vulnerability that can be exploited by attackers to obtain sensitive...
4.3CVSS
6.1AI Score
0.001EPSS
Mark Zuckerberg's China Visit Signals Facebook's Expansion Plans
It seems that Facebook has now extended a hand of friendship toward China. Mark Zuckerberg has announced that he is going on a vacation to China with his girlfriend. His itinerary includes meetings with some of China's biggest high-tech executives, signaling his intention to extend the reach of...
7.1AI Score
Buffer Overflow Vulnerability in Various Apple Products
Apple macOS Ventura is a desktop operating system from the American company Apple. A buffer overflow vulnerability exists in various Apple products that stems from incorrect validation of input. An attacker could exploit the vulnerability to execute arbitrary code with kernel...
8.6CVSS
7.9AI Score
0.004EPSS
Unpatched Flaw in IE Bypasses Key Windows Security Features
An exploit exploiting an unpatched vulnerability in Internet Explorer (IE) has gone public. Security researcher Shahin Ramezany announced in a Tuesday tweet that he successfully exploited the flaw, which involves how IE handles CSS style sheets on Windows 7 and Vista machines. Offensive Security,.....
7.7AI Score
Pakistani Hackers Use DISGOMOJI Malware in Indian Government Cyber Attacks
A suspected Pakistan-based threat actor has been linked to a cyber espionage campaign targeting Indian government entities in 2024. Cybersecurity company Volexity is tracking the activity under the moniker UTA0137, noting the adversary's exclusive use of a malware called DISGOMOJI that's written...
7.8CVSS
8.6AI Score
0.076EPSS
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921e: fix use-after-free in free_irq() From commit a304e1b82808 ("[PATCH] Debug shared irqs"), there is a test to make sure the shared irq handler should be able to handle the unexpected event after deregistration......
7.3AI Score
0.0004EPSS
Microsoft Targets Android with Patent Infringement Allegations
The mobile phone wars became more interesting late on Tuesday when Microsoft publicly claimed for the first time that Google's Android operating system infringes on its intellectual property. According to sources close to the company, Microsoft believes that Android infringes on its patented...
7.1AI Score
Hackers Exploit Legitimate Websites to Deliver BadSpace Windows Backdoor
Legitimate-but-compromised websites are being used as a conduit to deliver a Windows backdoor dubbed BadSpace under the guise of fake browser updates. "The threat actor employs a multi-stage attack chain involving an infected website, a command-and-control (C2) server, in some cases a fake browser....
7.1AI Score
Celebrity TikTok Accounts Compromised Using Zero-Click Attack via DMs
Popular video-sharing platform TikTok has acknowledged a security issue that has been exploited by threat actors to take control of high-profile accounts on the platform. The development was first reported by Semafor and Forbes, which detailed a zero-click account takeover campaign that allows...
7.3AI Score
With RSAC just a week away, Cisco Talos is gearing up for another year of heading to San Francisco to share in some of the latest major cybersecurity announcements, research and news. We've pulled together the highlights, so you don't miss out on all things Talos. **Tuesday, May 7 ** Joe...
7.2AI Score
7.8CVSS
7.8AI Score
0.0004EPSS
7.5CVSS
7.5AI Score
0.0005EPSS
7.8CVSS
7.9AI Score
0.0004EPSS
7.5CVSS
7.7AI Score
0.0004EPSS
8.4CVSS
7.9AI Score
0.0004EPSS
Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon...
7.5CVSS
7.5AI Score
0.0005EPSS
In the function call related to CAM_REQ_MGR_RELEASE_BUF there is no check if the buffer is being used. So when a function called cam_mem_get_cpu_buf to get the kernel va to use, another thread can call CAM_REQ_MGR_RELEASE_BUF to unmap the kernel va which cause UAF of the kernel...
7.8CVSS
7.5AI Score
0.0004EPSS
The cam_get_device_priv function does not check the type of handle being returned (device/session/link). This would lead to invalid type usage if a wrong handle is passed to...
7.8CVSS
7.5AI Score
0.0004EPSS
7.8CVSS
7.9AI Score
0.0004EPSS
7.8CVSS
7.9AI Score
0.0004EPSS