Aggregator

MESHWORKS PTY LIMITED Has Been Claimed a Victim to Sarcoma Ransomware

When it comes to proactive API security, there are three critical pillars: API Discovery, API Security Testing, and API Oversight.

The post The Three Pillars of Shift-Left API Security appeared first on Security Boulevard.

ReliaQuest has observed a new Black Basta social engineering campaign targeting users via Microsoft Teams and malicious QR codes.

ReliaQuest has observed a new Black Basta social engineering campaign targeting users via Microsoft Teams and malicious QR codes.

Cucamonga Valley Water District Has Been Claimed a Victim to FOG Ransomware

涵盖z国背景APT团伙、Windows提权漏洞、Grafana安全漏洞等

A Threat Actor is Allegedly Selling the Database of Wetality

Not cute: $UNH’s Change Healthcare unit paid a big ransom—its IT was as weak as a kitten.

The post 100 MILLION Americans in UnitedHealth PII Breach appeared first on Security Boulevard.

303 is Allegedly Selling FTP Access to AT&T Corp

一颗超新星的爆炸足以清除太阳系中几乎所有的尘埃，而这种情况可能在 300 万年前就已经发生了。就像家具上的灰尘一样，这些细小的颗粒也会逐渐得到补充。太空尘埃是由小行星碰撞等事件产生的小颗粒组成的。这些颗粒的大小通常小于一毫米。太阳系大约 70% 的尘埃集中在柯伊伯带，这是海王星以外的冰质小行星和彗星区域，估计有 350 万亿吨的小颗粒。波士顿大学的研究人员模拟了太阳系附近的超新星爆发。根据地球上冰中放射性铁同位素铁-60 含量的增加，研究人员认为其中一个事件发生在大约 300 万年前。当爆炸同时带走太阳的日光层时，这些同位素就会被释放出来，日光层可以保护太阳系中的行星免受银河系的辐射。

RipperSec Targeted the Website of Rambhai Barni Rajabhat University

ReliaQuest has observed a new Black Basta social engineering campaign targeting users via Microsoft Teams and malicious QR codes.

HELLCAT is Allegedly Selling the Data of The Knesset

A vulnerability was found in Linux Kernel up to 6.10.13/6.11.2. It has been rated as critical. Affected by this issue is the function lpfc_sli_flush_io_rings of the component scsi. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2024-49891. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

Zyloware Eyewear Has Been Claimed a Victim to BLACK SUIT Ransomware

Windows内核流服务本地权限提升漏洞(CVE-2024-30090)

Authors/Presenters:Michelle Eggers

Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their timely DEF CON 32 erudite content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel.

Permalink

The post DEF CON 32 – AppSec Village – The Immortal Retrofuturism of Mainframes and How to Keep Them Safe appeared first on Security Boulevard.