Aggregator
CVE-2023-29550 | Mozilla Thunderbird up to 102.9 memory corruption
CVE-2021-46976 | Linux Kernel up to 5.10.37/5.11.21/5.12.4 i915 auto_retire allocation of resources
CVE-2021-47027 | Linux Kernel up to 5.12.3 drivers/pci/msi.c free_msi_irqs denial of service (a46b536cd60c/e230f0c44f01)
Israeli Ministry of Construction and Housing Database Allegedly Leaked on Darknet
Banshee macOS stealer supports new evasion mechanisms
2025 Threat Landscape Trends to Watch
What Type of Attacks Will We See in 2025? January 23, 2025Time: 1:00 pm ET | 10:00 am PTSpeaker: Paul Asadoorian, Principal Security Researcher Bootkits, network infrastructure attacks, and firmware vulnerabilities all saw major development in 2024, and these major trends show no sign of slowing down in 2025. Join Paul Asadoorian for a review […]
The post 2025 Threat Landscape Trends to Watch appeared first on Eclypsium | Supply Chain Security for the Modern Enterprise.
The post 2025 Threat Landscape Trends to Watch appeared first on Security Boulevard.
PowerSchool's Breach Fallacy: Paying Criminals for Promises
Data breach victim PowerSchool, maker of a widely used K-12 student information system platform, has been attempting to assure schools, and parents and guardians, by saying its attacker has promised to delete the stolen data. What's the old saying about those who fail to learn from history?
The Future of CISA in Healthcare in the New Administration
Live Webinar | 10 Strategies to Tackle Alert Fatigue with Smarter SOC
Live Webinar | Guess Who’s Back? Exploring the Use of Canaries for Threat Deception in the Cloud
Google DeepMind's Consolidation, World Modelling Initiatives
Google is restructuring its artificial intelligence teams and forming a new division under its DeepMind unit. Both the AI Studio team and the Gemini API team will now be run under DeepMind, a shift Google says will make DeepMind's work more accessible to the public.
Cloud Security, APT Threats, AI Risks Loom Large in 2025
To combat AI threats in 2025, security teams are set to enter the second phase of AI innovation in security by deploying semi-autonomous operations such as alert parsing, creation of high-priority item lists and risk remediation, said Jamie Collier, senior threat intelligence advisor at Mandiant.
Three Russian Cryptomixer Masterminds Indicted in US
Three Russian nationals behind cryptocurrency mixers favored by ransomware hackers and North Korean crypto thieves face criminal charges in U.S. federal court: Roman Vitalyevich Ostapenko, 55, Alexander Evgenievich Oleynik, 44, and Anton Vyachlavovich Tarasov, 32.
The Cost of Complacency in Credential Hygiene
The PowerSchool breach highlights the risks of poor credential hygiene. This article covers proactive steps to protect your SaaS environment.
The post The Cost of Complacency in Credential Hygiene appeared first on Security Boulevard.
Fake CrowdStrike 'Job Interviews' Become Latest Hacker Tactic
Exploring GrayhatWarfare: A Search Engine for Exposed S3 Buckets
Russia Carves Out Commercial Surveillance Success Globally
CVE-2024-12847 | NETGEAR DGN1000 1.1.00.46 HTTP Request setup.cgi authentication bypass
DEF CON 32 – Practical Exploitation of DoS in Bug Bounty
Author/Presenter: Roni Lupin Carta
Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel.
The post DEF CON 32 – Practical Exploitation of DoS in Bug Bounty appeared first on Security Boulevard.