Aggregator

A vulnerability, which was classified as problematic, was found in J’s Communication RevoWorks SCVX and RevoWorks Browser up to 2.2.100/3.0.1/4.0.234/5.0.7. Affected is an unknown function. The manipulation leads to incorrect resource transfer. This vulnerability is traded as CVE-2025-26698. Local access is required to approach this attack. There is no exploit available.

Pentera has unveiled Cyber Pulse, a new mechanism to update the Pentera platform with the latest vulnerabilities and attack techniques from the Pentera research team. Cyber Pulse delivers a continuous stream of new cyber exposure validation capabilities, enabling organizations to identify and mitigate new threats and vulnerabilities before they can be exploited. The MITRE ATT&CK catalog grew by over 30 new tactics, techniques, and procedures (TTPs) in the past year alone, while CISA’s Known Exploited … More →

The post Pentera Cyber Pulse identifies new threats and vulnerabilities appeared first on Help Net Security.

Этот маршрутизатор переживёт любые атаки и эксперименты.

为防御方提供了宝贵情报

Red Hat announced Red Hat OpenShift 4.18, the latest version of the hybrid cloud application platform powered by Kubernetes. Red Hat OpenShift 4.18 introduces new features and capabilities designed to streamline operations and security across IT environments and deliver greater consistency to all applications, from cloud-native and AI-enabled to virtualized and traditional. According to the Gartner press release Top Trends Impacting Infrastructure and Operations for 2025, revirtualization/devirtualization is one of the top I&O trends for … More →

The post Red Hat OpenShift 4.18 enhances security across IT environments appeared first on Help Net Security.

Experts Say First Class Action Claim Under State's Privacy Law Won't Be the Last
A proposed class action lawsuit alleges that Amazon is unlawfully collecting and tracking mobile users' data - including sensitive geolocation - in violation of Washington's My Health My Data Act. It's the first such lawsuit filed since the data privacy law went into effect last year.

Experts Say First Class Action Claim Under State's Privacy Law Won't Be the Last
A proposed class action lawsuit alleges that Amazon is unlawfully collecting and tracking mobile users' data - including sensitive geolocation - in violation of Washington's My Health My Data Act. It's the first such lawsuit filed since the data privacy law went into effect last year.

The Cybersecurity Maturity Model Certification (CMMC) process is just around the corner and is expected by most to go into effect early next year. This is why defense tech companies need to act today to start their compliance journey.

The post It’s Time for Defense Tech Companies to Get Ahead of CMMC Before They Get Left Behind    appeared first on Security Boulevard.

A vulnerability classified as critical was found in Linux Kernel up to 5.18.3. Affected by this vulnerability is the function stub_probe. The manipulation leads to path traversal. This vulnerability is known as CVE-2022-49389. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.17.14/5.18.3. It has been declared as problematic. This vulnerability affects unknown code of the component watchdog: rzg2l_wdt. The manipulation of the argument timer_cycle_us leads to Privilege Escalation. This vulnerability was named CVE-2022-49387. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.10.121/5.15.46/5.17.14/5.18.3. It has been classified as problematic. This affects the function of_get_child_by_name/am65_cpsw_init_cpts/am65_cpsw_nuss_probe. The manipulation leads to improper update of reference count. This vulnerability is uniquely identified as CVE-2022-49386. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.