Polonium Uses Seven Backdoor Variants to Spy on Israeli Organizations
Researchers at ESET found evidence of previously undocumented custom tools used by the hackers Read More
#ISC2Congress: US Government is Embracing ‘Collective Defense’
We are all in it together, says the DoE's chief information officer Read More
USN-5671-1: AdvanceCOMP vulnerabilities
It was discovered that AdvanceCOMP did not properly manage memory of function be_uint32_read() under certain circumstances. If a user were tricked into opening a specially...
dhcp-4.4.3-4.P1.fc35
FEDORA-2022-c4f274a54f Packages in this update: dhcp-4.4.3-4.P1.fc35 Update description: New version 4.4.3-P1 (rhbz#2132240) Fix for CVE-2022-2928 (rhbz#2132429) Fix for CVE-2022-2929 (rhbz#2132430) Read More
A Vulnerability in FortiOS / FortiProxy / FortiSwitch Manager Could Allow for Authentication Bypass
A vulnerability has been discovered in FortiOS, FortiProxy and FortiSwitchManager, which could allow for authentication bypass on administrative interface. FortiOS is the Fortinet’s proprietary Operation...
Critical Patches Issued for Microsoft Products, October 11, 2022
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged...
DSA-5252 libreoffice – security update
It was discovered that insufficient validation of vnd.libreoffice.command URI schemes could result in the execution of arbitrary macro commands. Read More
“Stealing the crown jewels” – see me talk at UK Cyber Week
At UKCyberWeek at the Business Design Centre in London, on 3 & 4 November 2022, I'll be offering practical insight on how computer systems are...
CVE-2021-36201
Under certain circumstances a C•CURE Portal user could enumerate user accounts in C•CURE 9000 version 2.90 and prior versions. This issue affects: C•CURE 9000 2.90...
Microsoft Patch Tuesday, October 2022 Edition
Microsoft today released updates to fix at least 85 security holes in its Windows operating systems and related software, including a new zero-day vulnerability in...