#Infosec2024: Why Credential-Based Attacks Need Modern Solutions
1Password’s Steve Won discusses why modern security solutions, such as passkeys, can substantially reduce the risk of credential-based attacks Read More
ZDI-24-526: (Pwn2Own) VMware Workstation VBluetoothHCI_PacketOut Use-After-Free Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of VMware Workstation. An attacker must first obtain the ability to execute high-privileged code...
CyberDanube Security Research 20240528-0 | Multiple Vulnerabilities in ORing IAP-420
Posted by Thomas Weber via Fulldisclosure on May 29 CyberDanube Security Research 20240528-0 ------------------------------------------------------------------------------- title| Multiple Vulnerabilities product| ORing IAP-420 vulnerable version| 2.01e fixed version|...
HNS-2024-06 – HN Security Advisory – Multiple vulnerabilities in Eclipse ThreadX
Posted by Marco Ivaldi on May 29 Hi, Please find attached a security advisory that describes multiple vulnerabilities we discovered in Eclipse ThreadX (aka Azure...
Multiple Vulnerabilities in Fortinet FortiSIEM Could Allow for Remote Code Execution
Multiple vulnerabilities have been discovered in Fortinet FortiSIEM which could allow for remote code execution. FortiSIEM is a multi-tenant SIEM that offers real-time infrastructure and...
Is Your Computer Part of ‘The Largest Botnet Ever?’
The U.S. Department of Justice (DOJ) today said they arrested the alleged operator of 911 S5, a ten-year-old online anonymity service that was powered by...
Going going gone! Ransomware attack grabs Christie’s client data for a steal
The world-renowned auction house Christie's has confirmed that it has fallen victim to a ransomware attack, seemingly orchestrated by a Russia-linked cybercriminal gang. Read more...
Advance Fee Fraud Targets Colleges With Free Piano Offers
Proofpoint discovered over 125,000 emails linked to this scam cluster in the past year Read More
USN-6799-1: Werkzeug vulnerability
It was discovered that the debugger in Werkzeug was not restricted to trusted hosts. A remote attacker could possibly use this issue to execute code...
New PyPI Malware “Pytoileur” Steals Crypto and Evades Detection
The package posed as an API management tool and downloaded trojanized Windows binaries Read More