CVE-2022-4132
A flaw was found in JSS. A memory leak in JSS requires non-standard configuration but is a low-effort DoS vector if configured that way (repeatedly...
Malicious Ads in Bing Chat
Malicious ads are creeping into chatbots. Read More
USN-6401-1: FreeRDP vulnerabilities
It was discovered that FreeRDP did not properly manage certain inputs. A malicious server could use this issue to cause FreeRDP clients to crash, resulting...
Police Issue “Quishing” Email Warning
Organizations urged to update staff awareness programs Read More
The role of automation in mitigating cybersecurity risks
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information...
Arm and Qualcomm Chips Hit by Multiple Zero-Day Attacks
Chip giants have released updates to fix the vulnerabilities Read More
Red Cross Issues Wartime Hacktivist Rules
Non-profit warns of blurring between military and civilian attacks Read More
ZDI-23-1507: (0Day) D-Link DAP-1325 SetSetupWizardStatus Enabled Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. Read...
ZDI-23-1508: (0Day) D-Link D-View showUsers Improper Authorization Privilege Escalation Vulnerability
This vulnerability allows remote attackers to escalate privileges on affected installations of D-Link D-View. Authentication is required to exploit this vulnerability. Read More
ZDI-23-1509: (0Day) D-Link D-View InstallApplication Use of Hard-coded Credentials Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability. Read More