New CVSS Version Unveiled Amid Rising Cyber Threats
FIRST has released details of version 4.0 of the standard, which aims to address criticisms of CVSS 3.1 Read More
CVE-2022-24834
Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson...
Mandiant Unveils Russian GRU’s Cyber Playbook Against Ukraine
Mandiant has observed that the same playbook has been used by various Russian threat actors since the breakout of war in Ukraine, making them likely...
USN-6228-1: Linux kernel vulnerabilities
It was discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata validation when mounting certain images. An attacker...
White House Publishes Plan to Implement US National Cybersecurity Strategy
The plan details over 65 federal initiatives, each of which is assigned to a responsible agency Read More
USN-6227-1: SpiderMonkey vulnerabilities
Several security issues were discovered in the SpiderMonkey JavaScript library. If a user were tricked into opening malicious JavaScript applications or processing malformed data, a...
French Police Will Be Able to Spy on People through Their Cell Phones
The French police are getting new surveillance powers: French police should be able to spy on suspects by remotely activating the camera, microphone and GPS...
Stories from the SOC: OneNote MalSpam – Detection & response
This blog was co-written with Kristen Perreault – Professional Cybersecurity andJames Rodriguez – Sr. Specialist Cybersecurity. Executive summary Since December 22nd, 2022, there has been...
US on Track For Record Number of Data Breaches
Latest quarterly figures show compromises at an all-time high Read More
Fewer Than 100 Scammers Responsible For Global Email Extortion
Barracuda research lifts the lid on widespread threat activity Read More