#vulnerabilities

network-security
Ars Technica
1 week ago
Information security

Critical vulnerabilities in BIG-IP appliances leave big networks open to intrusion

The BIG-IP Next Central Manager, extensively used for network management, faces critical vulnerabilities, exposing top corporations to potential cyber intrusion.
Theregister
2 weeks ago
Information security

Four critical bugs in ArubaOS lead to remote code execution

Network admins should patch critical vulnerabilities in ArubaOS immediately to avoid remote code execution by privilege escalation.
devsecops
New Relic
1 week ago
Information security

Rethinking vulnerability prioritization

A weighted prioritization system considers key elements for an objective measure, aiding laser-focused resource allocation and proactive defense, while promoting adaptive security.
DevOps.com
1 month ago
DevOps

Datadog DevSecOps Report Shines Spotlight on Java Security Issues - DevOps.com

90% of Java services have critical vulnerabilities from third-party libraries, 63% from indirect dependencies, impacting app security and requiring continuous improvement in DevSecOps.
Theregister
4 days ago
Artificial intelligence

AI helped X-Force hackers break into tech firm in 8 hours

AI automation can drastically reduce time to breach a system, making it imperative for companies to enhance their cybersecurity measures.
TechRepublic
2 weeks ago
Artificial intelligence

Adobe Adds Firefly and AI Watermarking to Bug Bounty Program

Security researchers in Adobe's bug bounty program can now earn rewards for finding vulnerabilities in Adobe Firefly and Content Credentials.
TechCrunch
1 month ago
Artificial intelligence

Watch: How Anthropic found a trick to get AI to give you answers it's not supposed to

LLM technology can have vulnerabilities if continuously probed for specific information.
Open-source AI technology allows easy access to LLMs, raising concerns about misuse.
The advancement of AI technology brings challenges in understanding and controlling its capabilities.
Ars Technica
2 months ago
Artificial intelligence

Hackers can read private AI assistant chats even though they're encrypted

AI assistants have access to sensitive information like pregnancy, drug addiction, and trade secrets.
Researchers have found a way to decipher AI assistant responses with high accuracy, compromising privacy.
cisa
Theregister
2 weeks ago
Information security

Federal frenzy to patch gaping security hole in GitLab

CISA mandates federal agencies to patch critical GitLab vulnerability under active exploitation.
Therecord
2 months ago
Privacy professionals

CISA forced to take two systems offline last month after Ivanti compromise

Hackers breached CISA systems through Ivanti product vulnerabilities
CISA recommended incident response plans and system upgrades for resilience
security
TechRepublic
3 weeks ago
Information security

OpenAI's GPT-4 Can Autonomously Exploit 87% of One-Day Vulnerabilities

GPT-4 can autonomously exploit one-day vulnerabilities.
BleepingComputer
1 month ago
Web development

New HTTP/2 DoS attack can crash web servers with a single connection

HTTP/2 protocol has vulnerabilities like CONTINUATION Flood, leading to DoS attacks.
HTTP/2, introduced in 2015, aims to enhance web performance by enabling more efficient data transmission and multiplexing over a single connection.
microsoft
ComputerWeekly.com
1 month ago
Information security

Patch Tuesday: Windows Server 2008 receives emergency security patch | Computer Weekly

Microsoft's latest Patch Tuesday in April 2024 addresses 155 vulnerabilities, including 3 critical ones and 145 important severity ones.
An emergency patch for the Proxy Driver Spoofing Vulnerability impacting Windows desktop and server OS was released for end-of-life versions like Windows Server 2008.
Theregister
1 month ago
Information security

Microsoft security bypass bug said to be under exploit

Microsoft fixed 149 security flaws on Patch Tuesday.
A vulnerability, CVE-2024-26234, was actively exploited with a backdoor in Windows.
Zero Day Initiative
2 months ago
Information security

Zero Day Initiative - The March 2024 Security Update Review

Adobe released six patches addressing 56 vulnerabilities in various products.
Microsoft's Patch Report webcast on YouTube covers the latest security updates.
Theregister
2 months ago
Information security

Windows admin-to-kernel exploit went unpatched for 6 months

Researchers notified Microsoft of a rootkit vulnerability in Windows, but the patch took six months to be released.
A serious admin-to-kernel exploit in a driver associated with AppLocker was reported, allowing an attacker to control the kernel function.
devsecops
DevOps.com
2 months ago
Information security

Survey Sees Limited DevSecOps Progress Being Made as Vulnerabilities Mount - DevOps.com

Over a third of code contains vulnerabilities, with an average of 55.5 security vulnerabilities each day per organization.
Organizations address only a fraction of vulnerabilities monthly due to limited resources and lengthy remediation phases.
DevOps.com
3 months ago
Information security

OX Security Optimizes DevSecOps to Improve Application Security - DevOps.com

OX Security's ASPM platform helps DevSecOps teams identify potentially exploitable code in production environments.
The platform reduces the number of alerts generated by 99%, allowing teams to focus on actual risks and prioritize their resources.
DevOps.com
3 months ago
Software development

Mobb Extends DevSecOps Reach of Tool to Generate Patches - DevOps.com

Mobb now provides instant patches for vulnerabilities during a DevSecOps workflow.
The Mobb platform combines AI and security research to automatically create patches for vulnerabilities.
microsoft
Theregister
3 months ago
Information security

Microsoft squashes security bugs under active exploitation

Microsoft fixed 73 security holes in February's Patch Tuesday, including two vulnerabilities that are actively being exploited.
One of the vulnerabilities allows for a bypass of security checks when a user clicks on a maliciously crafted shortcut file, while the other vulnerability allows for a bypass of Windows SmartScreen checks.
ComputerWeekly.com
4 months ago
Information security

Windows Kerberos, Hyper-V vulns among January Patch Tuesday bugs | Computer Weekly

Microsoft has released 49 new patches addressing various vulnerabilities in its products, including two critical flaws in Windows Kerberos and Windows Hyper-V.
This is the second consecutive light Patch Tuesday release, with no zero-day or Exchange issues addressed.
The vulnerabilities in Windows Kerberos and Windows Hyper-V allow for security feature bypass and remote code execution, respectively, and require proximity to the internal network for exploitation.
cisa
Nextgov.com
3 months ago
Information security

Agencies must disconnect all exposed Ivanti products by Friday, CISA says

CISA has directed federal agencies to disconnect from Ivanti products due to new security vulnerabilities.
China-linked hackers have attempted to exploit these vulnerabilities since at least December.
CyberScoop
3 months ago
Information security

CISA issues emergency directive for federal agencies to patch Ivanti VPN vulnerabilities

The Cybersecurity and Infrastructure Security Agency issued an emergency directive for federal agencies to patch their systems against a zero-day exploit in a VPN software.
The vulnerabilities in the software were publicly released by the software company on Jan. 10, and so far, the campaign has impacted at least 2,100 devices worldwide.
Databreaches
3 months ago
Information security

CISA pushes federal agencies to patch Citrix RCE within a week

CISA ordered US federal agencies to secure their systems against recently patched Citrix NetScaler and Google Chrome zero-days.
Citrix urged customers to immediately patch vulnerable systems against code injection and buffer overflow vulnerabilities.
security
CyberScoop
3 months ago
Information security

White House releases report on securing open-source software

The White House is working to secure open-source software through a transparent and collaborative development process.
Open-source software is widely used and can have widespread impact if vulnerabilities are not properly secured.
Rubyflow
4 months ago
Information security

How to Use Brakeman to Find Security Vulnerabilities in your Rails app

Regular security assessments are important to protect web applications
Brakeman is a helpful tool for identifying security vulnerabilities in Ruby on Rails apps
network-security
Ars Technica
4 months ago
Information security

New UEFI vulnerabilities send firmware devs across an entire ecosystem scrambling

UEFI firmware from leading suppliers contains vulnerabilities that allow for malware infections at the firmware level.
The vulnerabilities, dubbed PixieFail, pose a threat to public and private data centers.
Axios
4 months ago
Privacy professionals

Researchers warn suspected China-backed hackers are targeting flaws in Ivanti VPN tools

Hackers are actively exploiting vulnerabilities in Ivanti's products, potentially impacting its 40,000 customers.
A Chinese state-backed hacking group is suspected of targeting these vulnerabilities to access companies' networks.
Theregister
5 months ago
Privacy professionals

US reveals email addresses used to send ransomware demands

The Karakurt extortion gang poses a significant challenge for network defenders due to their extensive harassment tactics.
The FBI and US government agencies have released a list of vulnerabilities and methods exploited by Karakurt to help organizations avoid falling victim.
Artificial intelligence
ScienceDaily
5 months ago
Artificial intelligence

AI networks are more vulnerable to malicious attacks than previously thought

Artificial intelligence tools are more vulnerable to targeted attacks than previously believed, putting applications like autonomous vehicles and medical image interpretation at risk.
Adversarial attacks, in which data is manipulated to confuse AI systems, can cause them to make inaccurate decisions.
www.scientificamerican.com
5 months ago
Artificial intelligence

Jailbroken AI Chatbots Can Jailbreak Other Chatbots

Artificial intelligence chatbots can be tricked into providing dangerous information by manipulating them to ignore safety protocols.
Researchers conducted a study to demonstrate the vulnerabilities of large language models (LLMs) that power chatbots.
www.theguardian.com
1 week ago
Writing

We all want to cut out the bad parts of ourselves. It won't work, and it won't make us happier

Individuals often wish to eliminate parts of themselves they find shameful or weak, seeking self-improvement through various means.
ITPro
1 week ago
Information security

Path traversal vulnerabilities have been 'unforgivable' for decades - developers still haven't got the message

Directory traversal flaws persist despite long-standing awareness.
Theregister
4 days ago
Information security

NHS Digital hints at exploit sightings of Arcserve UDP vulns

NHS warns of actively exploited vulnerabilities in Arcserve UDP software.
Zero Day Initiative
3 days ago
Information security

Zero Day Initiative - The May 2024 Security Update Review

Keeping software updated with the latest security patches is crucial to prevent known vulnerabilities from being exploited by attackers.
Theregister
2 days ago
Information security

NCSC CTO: Broken market must be fixed to usher in new tech

The tech market's faults contribute to the industry's security problems.
Theregister
2 weeks ago
Information security

Software supply chain security still in early days, says CEO

Software supply chain vulnerabilities are increasing due to reliance on untrusted sources, requiring better management and vetting processes.
ComputerWeekly.com
2 weeks ago
Information security

Patch GitLab vuln without delay, users warned | Computer Weekly

Prompt patching of CVE-2023-7028 vulnerability in GitLab is essential to prevent account takeover and potential cyber threats.
Theregister
2 weeks ago
Privacy professionals

Chinese government website security has big problems

Chinese researchers found vulnerabilities in Chinese government websites, including DNS configuration lapses and a notable dependence on a few DNS service providers.
Ars Technica
1 month ago
Privacy professionals

Hackers can unlock over 3 million hotel doors in seconds

Security researchers found a vulnerability in hotel keycard locks allowing quick access.
Exploiting encryption and RFID system vulnerabilities to open Saflok keycard locks is relatively easy.
WIRED
1 month ago
Privacy professionals

Hackers Found a Way to Open Any of 3 Million Hotel Keycard Locks in Seconds

Researchers hacked hotel room door lock at Las Vegas event
Technique Unsaflok enables hackers to open millions of hotel rooms worldwide
Theregister
1 month ago
Privacy professionals

Millions of user records exposed by 900+ sites via Firebase

Firebase misconfigurations led to exposure of sensitive data like plaintext passwords, billing information, and user records.
Security concerns about Firebase have existed due to previous incidents and vulnerabilities.
InfoWorld
2 months ago
Privacy professionals

JetBrains releases security fixes for TeamCity CI/CD system

Two critical security vulnerabilities discovered by Rapid7 in TeamCity On-Premises servers could allow an attacker to gain administrative control.
ComputerWeekly.com
2 months ago
Privacy professionals

OSS leaders detail commitments to bolster software security | Computer Weekly

Leading OSS repositories taking action to enhance security
CISA summit highlighting importance of securing OSS ecosystem
Theregister
2 weeks ago
Information security

More than two dozen Android vulnerabilities fixed

Oversecured identified over two dozen vulnerabilities in Xiaomi and Google's Android Open Source Project over the past years.
Harvard Business Review
2 weeks ago
Information security

Preventing the Next Big Cyberattack on U.S. Health Care

The cyberattack on Change Healthcare exposed vulnerabilities in the U.S. health care sector that require urgent action for improved cybersecurity.
ITPro
2 weeks ago
Information security

Citrix vulnerability behind Change Healthcare cyber attack, CEO claims

UnitedHealth CEO Andrew Witty testifies on cyber attack involving Citrix software.
Theregister
3 weeks ago
Information security

'Sophisticated' nation-state crew exploiting Cisco firewalls

A sophisticated nation-state group compromised Cisco firewalls for espionage, targeting VPN services globally.
ITPro
3 weeks ago
Data science

AI's use as a hacking tool has been overhyped

The study found that GPT-4 was the only model able to write viable exploits for a range of vulnerabilities.
GameSpot
1 month ago
Video games

Dragon's Dogma 2 Best Mystic Spearhand Build And Skills

Mastering the Dragon's Dogma 2 Mystic Spearhand build requires precise skill execution and understanding of vulnerabilities and follow-up attacks.
Theregister
1 month ago
Information security

133k+ Fortinet appliances still vulnerable to CVE-2024-21762

Vulnerable Fortinet appliances
High number of exposures
MobileAppDaily
2 months ago
Web design

Indian Govt. Issues High Alert For Google Chrome Web Browser

Google Chrome is widely used globally.
CERT-In identified severe vulnerabilities in older versions of Google Chrome.
ComputerWeekly.com
2 months ago
Information security

March Patch Tuesday throws up two critical Hyper-V flaws | Computer Weekly

Two critical vulnerabilities in Windows Hyper-V were fixed, notably with a decrease in total fixed vulnerabilities from the previous month.
The slimline update this Patch Tuesday did not include any zero-day vulnerabilities or PoCs, leading to a moment of relative calm in the cybersecurity landscape.
Theregister
2 months ago
Graphic design

Font security 'still a Helvetica of a problem' says Canva

Canva discovered three vulnerabilities related to fonts - one high-severity and two moderate-severity.
Font manipulation tools like FontForge and ImageMagick pose security risks when operating on untrusted data due to naming conventions and compression issues.
ComputerWeekly.com
2 months ago
Privacy professionals

Apple patches zero-days amid 'foundational' post-quantum update | Computer Weekly

Apple patches iOS and iPadOS for four critical vulnerabilities, including two zero-days under active exploitation.
Vulnerabilities include memory corruption, real-time operating system flaw, accessibility and privacy issue, and a logic issue affecting Safari Private Browsing.
TechRepublic
2 months ago
Privacy professionals

UK's NCSC Issues Warning as SVR Hackers Target Cloud Services

Russian state hackers are targeting organizations moving to the cloud, focusing on weaknesses in cloud services for initial access.
APT29, linked to Russia's Foreign Intelligence Service, is expanding its cyberattacks to various sectors and adapting techniques for cloud-based environments.
WIRED
2 months ago
Information security

Here Are the Google and Microsoft Security Updates You Need Right Now

Memory-safety bugs CVE-2024-1553 and CVE-2024-1557 pose high severity with potential for code exploitation.
Zoom and Ivanti software vulnerabilities include privilege escalation and arbitrary code execution risks.
TechRepublic
2 months ago
Information security

New Vulnerabilities in ConnectWise ScreenConnect Massively Exploited by Attackers

CVE-2024-1709 allows complete control of admin user
CVE-2024-1708 enables path traversal access to files
InfoQ
2 months ago
Privacy professionals

Cloudflare Recaps Thanksgiving 2023 Incident and Response Actions

Security incident on Cloudflare's Atlassian server
Threat actor's access and tools highlighted
ComputerWeekly.com
2 months ago
Privacy professionals

Black Basta, Bl00dy ransomware gangs exploiting ConnectWise vulns | Computer Weekly

Ransomware gangs exploit ConnectWise ScreenConnect vulnerabilities with high CVE scores.
Multiple threat actors using leaked build of LockBit target unpatched organizations.
TechCrunch
2 months ago
Privacy professionals

Researchers say easy-to-exploit security bugs in ConnectWise remote access software now under mass-attack | TechCrunch

Two easy-to-exploit flaws in ConnectWise ScreenConnect are being mass-exploited by hackers.
Hackers are using the vulnerabilities to deploy ransomware and steal sensitive data.
eLearning Industry
2 months ago
Privacy professionals

Safeguarding The Virtual Realm: Best Practices For Secure Metaverse Experiences

Prioritize cybersecurity measures for secure Metaverse app development.
Conduct a security risk assessment to identify and address vulnerabilities.
ComputerWeekly.com
2 months ago
Privacy professionals

ConnectWise users see cyber attacks surge, including ransomware | Computer Weekly

Cyber attacks targeting vulnerable instances of ConnectWise ScreenConnect are escalating.
CVE-2024-1709 authentication bypass vulnerability poses a significant risk and requires immediate patching.
TechCrunch
2 months ago
Privacy professionals

Hackers are exploiting ConnectWise flaws to deploy LockBit ransomware, security experts warn | TechCrunch

The high-risk flaws in ConnectWise ScreenConnect are being exploited by hackers to deploy LockBit ransomware.
Two vulnerabilities, an authentication bypass bug and a path traversal bug, are actively exploited to plant malicious code remotely.
Medium
3 months ago
Privacy professionals

Frontend Application Security: Tips and Tricks

Data breaches are becoming more common, with the average cost reaching $4.45 million.
Frontend application security is crucial for businesses to protect against modern-day attackers.
Cloud Pro
3 months ago
Software development

Why software 'security debt' is becoming a serious problem for developers

Many organizations have software security debt
Experts advise reassessing how third party code is maintained
Theregister
3 months ago
Software development

Rust can help make software secure, but it's not a cure-all

Memory-safety flaws are the majority of high-severity problems for Google and Microsoft.
Coding with Rust can help reduce memory safety vulnerabilities, but it won't fix everything.
Theregister
5 months ago
Software development

Dump C++ and in Rust you can trust, Five Eyes agencies urge

The US Cybersecurity and Infrastructure Agency is urging business and technical leaders to prioritize memory safety in software development.
Memory safety errors can lead to significant damage and be exploited by attackers to take over systems and steal data.
Azure DevOps Blog
3 months ago
DevOps

February patches for Azure DevOps Server - Azure DevOps Blog

Azure DevOps Server has released patches for various versions to fix vulnerabilities and bugs.
The patches include fixes for a remote code execution vulnerability and issues with disk space calculation and folder cleanup.
Theregister
4 months ago
DevOps

FBI: Beware of cloud-credential thieves building botnets

Crooks are exploiting old vulnerabilities to deploy Androxgh0st malware and build a cloud-credential stealing botnet.
Androxgh0st primarily targets .env files containing user credentials for AWS, Microsoft Office 365, SendGrid, and Twilio.
Theregister
5 months ago
DevOps

Atlassian reveals four fresh critical flaws

Atlassian has emailed its customers to warn them of four critical vulnerabilities.
The email contained broken links that did not direct readers to the correct pages.
www.fastcompany.com
3 months ago
Information security

A Nebraska bill would hire a hacker to probe the state's computer, elections systems

State lawmaker proposes hiring an ethical hacker to protect Nebraska from cyberattacks.
The bill would give the Nebraska State Patrol $200,000 to hire the hacker to test vulnerabilities in the state's computer systems.
Ars Technica
3 months ago
Information security

As if two Ivanti vulnerabilities under exploit wasn't bad enough, now there are 3

Mass exploitation has begun for a critical vulnerability in Ivanti's VPN software, which comes as two other vulnerabilities are already being exploited.
The new vulnerability, tracked as CVE-2024-21893, is a server-side request forgery that has seen a rapid increase in attacks since its disclosure.
ComputerWeekly.com
3 months ago
Privacy professionals

WebKit vulnerability sparks Apple's first major security update of 2024 | Computer Weekly

Apple has released patches for multiple vulnerabilities, including a critical zero-day in the WebKit browser engine used by Safari.
The zero-day vulnerability, CVE-2024-23222, could allow threat actors to execute arbitrary code on Apple devices.
The patch covers various Apple devices, and the extent of exploitation and the actors involved have not been disclosed by Apple.
DevOps.com
3 months ago
Information security

Survey: Widespread Inability to Remediate App Vulnerabilities - DevOps.com

Only 20% of IT and security professionals feel confident in their ability to detect vulnerabilities before an application is released.
61% of respondents struggle to effectively remediate vulnerabilities, with misalignment between development, security, and compliance teams being a major cause.
Ars Technica
3 months ago
Privacy professionals

Mass exploitation of Ivanti VPNs is infecting networks around the globe

Hackers working for the Chinese government are exploiting critical vulnerabilities in Ivanti VPN appliances.
Over 400 unique hosts have been found with this backdoor, indicating multiple attackers or evolving tactics.
Theregister
3 months ago
Information security

Atlassian Confluence Server RCE attacks underway

600 IP addresses are launching thousands of exploit attempts against a critical bug in Atlassian Confluence Data Center and Server.
More than 11,000 instances of Confluence remain exposed on the internet, and criminals are attempting remote code execution attacks.
Theregister
3 months ago
Information security

Security vendors are accused of bending CVE assignment rules

Major tech companies criticized for not properly disclosing vulnerabilities
Juniper Networks and Ivanti accused of bundling multiple vulnerabilities under a single CVE ID
Bavarian Football Works
3 months ago
Bayern Munich

Three observations from Bayern's shambolic 1-0 loss against a stubborn Werder Bremen

Bayern Munich's attacking performance was dreadful, lacking creativity and clear-cut chances.
Bayern's defense was vulnerable, particularly on the counter-attack, and struggled against a 12th place Bundesliga side.
www.90min.com
4 months ago
Bayern Munich

Bayern Munich might stop Harry Kane from winning the Ballon d'Or - yes, really

Bayern Munich's win over Hoffenheim showcased the team's vulnerabilities.
Harry Kane's move to Bayern Munich positions him as a frontrunner for the Ballon d'Or in 2024.
Theregister
4 months ago
Information security

FBI: Beware of cloud-credential thieves building botnets

Crooks are exploiting old vulnerabilities to deploy Androxgh0st malware and build a cloud-credential stealing botnet.
Androxgh0st primarily targets .env files containing user credentials for AWS, Microsoft Office 365, SendGrid, and Twilio.
Theregister
4 months ago
Privacy professionals

FBI: Beware of cloud-credential thieves building botnets

Crooks are exploiting old vulnerabilities to deploy Androxgh0st malware and build a cloud-credential stealing botnet.
Androxgh0st primarily targets .env files containing user credentials for AWS, Microsoft Office 365, SendGrid, and Twilio.
Axios
4 months ago
Information security

Researchers warn suspected China-backed hackers are targeting flaws in Ivanti VPN tools

Hackers are actively exploiting vulnerabilities in Ivanti's products, potentially impacting its 40,000 customers.
A Chinese state-backed hacking group is suspected of targeting these vulnerabilities to access companies' networks.
www.mercurynews.com
4 months ago
Privacy professionals

Apple knew AirDrop users could be identified and tracked as early as 2019, researchers say

Apple was warned about vulnerabilities in AirDrop as early as 2019, which Chinese authorities claim to have used to track down users.
The Chinese government's actions raise concerns about Apple's relationship with China and the ability of authoritarian regimes to exploit US tech products.
Rubyflow
4 months ago
Ruby on Rails

How to Use Brakeman to Find Security Vulnerabilities in your Rails app

Regular security assessments are important to protect web applications
Brakeman is a helpful tool for identifying security vulnerabilities in Ruby on Rails apps
Ars Technica
4 months ago
Information security

Hackers can infect network-connected wrenches to install ransomware

Researchers have discovered 23 vulnerabilities in the Bosch Rexroth Handheld Nutrunner NXA015S-36V-B, a popular line of network-connected wrenches used in factories.
These vulnerabilities could allow hackers to install malware, disable the devices, or manipulate torque settings, posing safety risks.
Theregister
5 months ago
Privacy professionals

MongoDB issues weekend warning of breach

MongoDB experienced a security incident involving unauthorized access to certain systems, resulting in exposure of customer account metadata and contact information.
Customers are advised to be vigilant for social engineering and phishing attacks, activate multi-factor authentication, and regularly rotate passwords.
Theregister
5 months ago
Information security

MongoDB issues weekend warning of breach

MongoDB experienced a security incident involving unauthorized access to certain systems, resulting in exposure of customer account metadata and contact information.
Customers are advised to be vigilant for social engineering and phishing attacks, activate multi-factor authentication, and regularly rotate passwords.
Theregister
5 months ago
Information security

US reveals email addresses used to send ransomware demands

The Karakurt extortion gang poses a significant challenge for network defenders due to their extensive harassment tactics.
The FBI and US government agencies have released a list of vulnerabilities and methods exploited by Karakurt to help organizations avoid falling victim.
ComputerWeekly.com
5 months ago
Information security

Microsoft's Christmas present for cyber teams: no zero-days | Computer Weekly

Microsoft delivers a light Patch Tuesday update with only 34 CVEs listed, following a year of numerous critical vulnerabilities in its products and services.
Despite the light load, the update does include four new updates for critical CVEs and an AMD flaw that is close to zero-day territory.
Acm
5 months ago
Information security

Researchers Find Vulnerabilities in Windows Hello Implementations

Vulnerabilities have been found in laptop makers' implementations of Windows Hello.
The flaws relate to the Secure Device Connection Protocol (SDCP), which powers Windows Hello.
The vulnerabilities were uncovered as part of a project for Microsoft, Lenovo, and Dell.