New Windows/Linux Firmware Attack
Interesting attack based on malicious pre-OS logo images: LogoFAIL is a constellation of two dozen newly discovered vulnerabilities that have lurked for years, if not...
What is Cybersecurity threat intelligence sharing
Knowledge is power and collaboration is key for organizations to continuously adapt and improve their security measures in order to stay ahead of cybercriminals. An...
Threat Actor Targets Recruiters With Malware
Recruiters are urged to educate staff about a surge in phishing attacks from threat group TA4557 Read More
Backup Migration WordPress Plugin Flaw Impacts 90,000 Sites
Users of popular WordPress plugin Backup Migration are urged to patch a new critical vulnerability Read More
Apache Warns of Critical Vulnerability in Struts 2
Users are urged to patch critical vulnerability in Apache Struts 2 immediately Read More
ZDI-23-1764: Check Point ZoneAlarm Extreme Security Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Check Point ZoneAlarm Extreme Security. An attacker must first obtain the ability to...
ZDI-23-1765: Extreme Networks HiveOS ah_auth Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Extreme Networks routers. Authentication is not required to exploit this vulnerability. The...
ZDI-23-1766: Extreme Networks AP410C ah_webui Missing Authentication for Critical Function Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to reach critical functions on affected installations of Extreme Networks AP410C routers. Authentication is not required to exploit this vulnerability....
USN-6548-1: Linux kernel vulnerabilities
It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive information. (CVE-2023-3006) It was...
USN-6549-1: Linux kernel vulnerabilities
It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a...