Quarter of Firms Suffer an API-Related Breach
Salt Security study finds 23% of organizations suffered a breach via production APIs in 2023
Rethinking Democracy for the Age of AI
There is a lot written about technology’s threats to democracy. Polarization. Artificial intelligence. The concentration of wealth and power. I have a more general story:...
Report Reveals Record Exploitation Rate For Load Balancers
Action1 reveals cybercriminals are increasingly targeting NGINX and Citrix load balancers
Convicted BEC scammer could face over 100 years in prison
A US court has found a Nigerian national guilty of charges related to a US$1.5 million business email compromise (BEC) scam; the defendant could face...
openssl3-3.2.2-2.1.el8
FEDORA-EPEL-2024-c58045d54f. Packages in this update: openssl3-3.2.2-2.1.el8. Update description: Security fix for CVE-2024-4741 (openssl3: openssl: Use After Free with SSL_free_buffers).
ZDI-24-802: (0Day) Poly Plantronics Hub Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Poly Plantronics Hub. An attacker must first obtain the ability to execute low-privileged...
ZDI-24-803: Parallels Desktop Updater Protection Mechanism Failure Software Downgrade Vulnerability
This vulnerability allows local attackers to downgrade Parallels software on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged...
ZDI-24-804: Parallels Desktop Toolgate Heap-based Buffer Overflow Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code...
ZDI-24-805: (0Day) Actiontec WCB6200Q uh_tcp_recv_content Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The...
ZDI-24-806: (0Day) Actiontec WCB6200Q uh_tcp_recv_header Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The...