USN-6798-1: GStreamer Base Plugins vulnerability
It was discovered that GStreamer Base Plugins incorrectly handled certain EXIF metadata. An attacker could possibly use this issue to execute arbitrary code or cause...
USN-6796-1: TPM2 Software Stack vulnerabilities
Fergus Dall discovered that TPM2 Software Stack did not properly handle layer arrays. An attacker could possibly use this issue to cause TPM2 Software Stack...
Internet Archive Disrupted by Sustained and “Mean” DDoS Attack
The Internet Archive said sustained DDoS attacks have disrupted access to its preserved web pages and other historical archives Read More
#Infosec2024: How Williams Racing Relies on Data Security for Peak Performance
Formula One team Williams Racing shares how it prioritizes data security with password management to safeguard sensitive information Read More
Privacy Implications of Tracking Wireless Access Points
Brian Krebs reports on research into geolocating routers: Apple and the satellite-based broadband service Starlink each recently took steps to address new research into the...
New North Korean Hacking Group Identified by Microsoft
Moonstone Sleet is a newly observed threat group targeting companies for financial and cyber espionage objectives Read More
Volatile Data Acquisition on Linux Systems Using fmem
The content of this post is solely the responsibility of the author. LevelBlue does not adopt or endorse any of the views, positions, or information...
#Infosec2024: Decoding SentinelOne’s AI Threat Hunting Assistant
SentinelOne will present a threat-hunting demonstration during which a security analyst will compete against a non-technical person using its AI assistant Read More
USN-6797-1: Intel Microcode vulnerabilities
It was discovered that some 3rd and 4th Generation Intel® Xeon® Processors did not properly restrict access to certain hardware features when using Intel® SGX...
ZDI-24-519: (Pwn2Own) Phoenix Contact CHARX SEC-3100 Untrusted Search Path Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Phoenix Contact CHARX SEC-3100 devices. An attacker must first obtain the ability to...