Aggregator
38 секунд, которые стоят миллионов: как короткий клип изменил дискуссию о выборах
JVN: SUBNET Solutions製PowerSYSTEM Centerにおける複数の脆弱性
JVN: Delta Electronics製DIAEnergieにおける複数の脆弱性
Dutch police breached by a state actor
From Tap-to-Earn to Play-to-Earn: How Hamster Kombat Is Fueling The Switch
CVE-2016-6828 | Linux Kernel up to 4.7.4 SACK State include/net/tcp.h tcp_check_send_head use after free (EDB-40731 / Nessus ID 96478)
North Korea ‘Shrouded Sleep’ malware campaign targeting Cambodia, other Southeast Asian nations
CVE-2022-23132 | Zabbix Installation /var/run/zabbix access control (ZBX-20341 / Nessus ID 208100)
CVE-2023-31147 | c-ares DNS Query random values (GHSA-8r8p-23f3-64c2 / Nessus ID 208103)
CVE-2020-10177 | Pillow up to 6.2.2/7.0.0 libImaging/FliDecode.c out-of-bounds (Nessus ID 208107)
CVE-2012-0881 | Oracle Transportation Management 6.4.3 Apache Xerces2 Java Parser denial of service (Nessus ID 208112)
CVE-2024-20505 | Cisco ClamAV up to 1.4.0 PDF Parser out-of-bounds (Nessus ID 208113)
CVE-2024-20506 | Cisco ClamAV up to 1.4.0 ClamD Service access control (Nessus ID 208113)
CVE-2014-7370 | Job MoBleeps 0.1 X.509 Certificate cryptographic issues (VU#582497)
October 2024 Patch Tuesday forecast: Recall can be recalled
October arrived, and Microsoft started the month by announcing the release of Windows 11 24H2. The preview versions of this release have been in the news due to many innovations and one controversial feature. Windows 11 24H2 and Microsoft Recall This OS was released in May for Microsoft’s new Copilot+ PCs, powered by a neural processing unit (NPU); several features are unique to that platform. Now available for systems that meet the hardware requirements, it … More →
The post October 2024 Patch Tuesday forecast: Recall can be recalled appeared first on Help Net Security.
Exposing the Credential Stuffing Ecosystem
CVE-2000-0077 | HP HP-UX 10/11 aserver PATH privileges management (EDB-20396 / XFDB-3881)
CVE-2016-4220 | Adobe Flash Player prior 11.2.202.632/18.0.0.366/22.0.0.209 memory corruption (APSB16-25 / Nessus ID 92309)
Best practices for implementing threat exposure management, reducing cyber risk exposure
In this Help Net Security interview, Sanaz Yashar, CEO at Zafran, discusses the role of threat exposure management (TEM) in modern cybersecurity strategies. As traditional vulnerability management evolves, TEM addresses the overwhelming risks arising from expanded attack surfaces and fragmented security tools. The proactive TEM approach prioritizes risks and integrates seamlessly with existing security tools, enabling organizations to mitigate threats before they can be exploited effectively. Why has Threat Exposure Management (TEM) become critical in … More →
The post Best practices for implementing threat exposure management, reducing cyber risk exposure appeared first on Help Net Security.