Biden-Harris Administration Unveils Smart Device Cyber Program
The criteria for certification are set to be based on cybersecurity guidelines published by NIST Read More
Mobile Spyware: How Hackers Can Turn Your Phone Into a Stalking Machine
Some crooks and shady characters will invade your privacy simply by asking for your permission to snoop—through invasive apps you install on your phone. Invasive...
Industry Experts Urge CISA to Update Secure by Design Guidance
A letter authored by industry experts says that CISA should include specific details on how to implement security-by-design through threat modeling Read More
USN-6237-1: curl vulnerabilities
Hiroki Kurosawa discovered that curl incorrectly handled validating certain certificate wildcards. A remote attacker could possibly use this issue to spoof certain website certificates using...
USN-6236-1: ConnMan vulnerabilities
It was discovered that ConnMan could be made to write out of bounds. A remote attacker could possibly use this issue to cause ConnMan to...
NCA: Nation States Using Cybercrime Groups as Proxies
Crime agency chief warns of surging online threat Read More
Norwegian Giant Tomra Suffers “Extensive” Attack
Employees forced to work from home after IT outage Read More
[RT-SA-2023-001] Session Token Enumeration in RWS WorldServer
Posted by RedTeam Pentesting GmbH on Jul 19 Advisory: Session Token Enumeration in RWS WorldServer Session tokens in RWS WorldServer have a low entropy and...
ZDI-23-974: KeySight N6841A RF Sensor removeLicenseFile Directory Traversal Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of KeySight N6841A RF Sensor. An attacker must first obtain the ability to execute...