Aggregator

error code: 521

Microsoft is enhancing its bug bounty initiatives with the launch of the Zero Day Quest hacking event. With $4 million in potential rewards, it focuses on driving research in critical areas such as cloud computing and AI. Event focus The event invites security researchers to discover and report high-impact vulnerabilities in Microsoft AI and Cloud Bounty Programs: AI, Microsoft Azure, Microsoft Identity, M365, Microsoft Dynamics 365, and Power Platform. “To advance AI security, we will … More →

The post Microsoft announces Zero Day Quest hacking event with big rewards appeared first on Help Net Security.

A Threat Actor Probably Leaked the Data of Panshi Information Technology

Executive SummaryIn July 2024, the operational technology (OT)-centric malware Fro

Hacker Reportedly Gained Access to File Containing Testimony Against Matt Gaetz
Matt Gaetz, President-elect Donald Trump’s pick to lead the Justice Department, faces growing controversy over allegations of sexual misconduct after a hacker reportedly gained access to a shared file containing testimony from a woman who said she had sex with the former congressman when she was 17.

A Threat Actor Reportedly Leaked the Data of Takbet

A vulnerability was found in Linux Kernel up to 6.8.9. It has been rated as problematic. This issue affects the function tcp_rcv_space_adjust. The manipulation leads to allocation of resources. The identification of this vulnerability is CVE-2024-36905. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in StylemixThemes MasterStudy LMS Plugin up to 3.2.12 on WordPress and classified as critical. This vulnerability affects unknown code. The manipulation leads to missing authorization. This vulnerability was named CVE-2024-37094. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in PropertyHive Plugin up to 2.0.9 on WordPress. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to missing authorization. This vulnerability was named CVE-2024-37204. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in PluginOps MailChimp Subscribe Forms Plugin up to 4.0.9.8 on WordPress. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-43211. It is possible to launch the attack remotely. There is no exploit available.

In further proof of the professionalization of Russian cybercriminal groups, ransomware gangs have been posting job ads for security positions such as pen testers, looking to boost their ransomware deployment operations.

Microsoft has implemented some and is working on delivering several other security-related features and improvements for Windows 11. Administrator protection will allow users to make system changes on their PCs without having administrator rights (that can be abused by attackers who have compromised the system). “With administrator protection, if a system change requires administrator rights, like some app installations, the user is prompted to securely authorize the change using Windows Hello. Windows creates a temporary … More →

The post Microsoft announces new and improved Windows 11 security features appeared first on Help Net Security.

As GenAI becomes an indispens

Spotify playlists and podcasts are being abused to push pirated software, game cheat codes,

Microsoft has announced the Windows Resiliency Initiative, aimed at avoiding a repeat of the prolonged worldwide IT outage caused by a buggy CrowdStrike update that took down millions of Windows machines and rendered them remotely unfixable. As part of that initiative, the company has announced that its working on Quick Machine Recovery, a feature that “will enable IT administrators to execute targeted fixes from Windows Update on PCs, even when machines are unable to boot, … More →

The post Microsoft plans to boot security vendors out of the Windows kernel appeared first on Help Net Security.

When deciding what approach to use for security tooling, it seems like there are two choices:Sel

Cybercriminals have adopted a novel trick for infecting devices with malware: sending out physical

扫码订阅《中国信息安全》邮发代号 2-786征订热线：010-82341063央视新闻《向网络暴力亮剑》系列微视频，剖析多起网暴典型事件，最高人民法院等相关部门专业人士详细释法，倡导共建清朗网络空间

扫码订阅《中国信息安全》邮发代号 2-786征订热线：010-82341063文 | 浙江省社会科学院法学所研究员、浙江大学浙江数字化发展与治理研究中心特聘研究员 王海明当前，人工智能数智化发展方兴