#RSAC: Experts Urge Applying Lessons Learned from Russia-Ukraine Cyberwar to Potential China-Taiwan Scenario
As tensions rise between China and Taiwan, US Government officials are keen to implement lessons learned from Ukraine’s cyberwar Read More
Smashing Security podcast #319: The CEO who also ran IT, Strava strife, and TikTok tall tales
A boss is bitten in the bottom after being struck by one of the worst crimes in Finnish history, Strava’s privacy isn’t so private, and...
#RSAC: Pro Sports Grapple with Convergence of Cyber and Physical Security Challenges
CISOs from the NBA, NFL and NHL discuss their close cooperation to mitigate the unique cyber risks they experience Read More
Iranian cyberspies deploy new malware implant on Microsoft Exchange Servers
A cyberespionage group believed to be associated with the Iranian government has been infecting Microsoft Exchange Servers with a new malware implant dubbed BellaCiao that...
CVE-2020-36070
Insecure Permission vulnerability found in Yoyager v.1.4 and before allows a remote attacker to execute arbitrary code via a crafted .php file to the media...
USN-6042-1: Cloud-init vulnerability
James Glovich discovered that sensitive data could be exposed in logs. An attacker could use this information to find hashed passwords and possibly escalate their...
USN-6017-2: Ghostscript vulnerability
USN-6017-1 fixed vulnerabilities in Ghostscript. This update provides the corresponding updates for Ubuntu 23.04. Original advisory details: Hadrien Perrineau discovered that Ghostscript incorrectly handled certain...
#RSAC: ISACA’s New Ransomware Incident Checklist to Aid Cyber Pros
ISACA’s Rob Clyde tells Infosecurity about the role of the guidance as well as new findings about cyber insurance Read More
Evasive Panda’s Backdoor MgBot Delivered Via Chinese Software Updates
Most of the plugins are designed to steal information from highly popular Chinese applications Read More
USN-6045-1: Linux kernel vulnerabilities
It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker...