5 Russia-Linked Groups Target Ukraine in Cyberwar
Information on the attributed cyberattacks conducted since the beginning of the Russia-Ukraine war shows that a handful of groups conducted…
Microsoft Sysmon can now block malicious EXEs from being created
Microsoft has released Sysmon 14 with a new 'FileBlockExecutable' option that lets you block the creation of malicious executables, such…
Malware devs already bypassed Android 13’s new security feature
Android malware developers are already adjusting their tactics to bypass a new 'Restricted settings' security feature introduced by Google in the…
Windows KB5012170 update causing BitLocker recovery screens, boot issues
Windows users who have installed a new KB5012170 security update for Secure Boot have encountered various issues, ranging from boots…
Patch Madness: Vendor Bug Advisories Are Broken, So Broken
Duston Childs and Brian Gorenc of ZDI take the opportunity at Black Hat USA to break down the many vulnerability…
Microsoft blocks UEFI bootloaders enabling Windows Secure Boot bypass
Some signed third-party bootloaders for the Unified Extensible Firmware Interface (UEFI) used by Windows could allow attackers to execute unauthorized…
Zimbra auth bypass bug exploited to breach over 1,000 servers
An authentication bypass Zimbra security vulnerability is being exploited to compromise Zimbra Collaboration Suite (ZCS) email servers worldwide. [...]
Multiple Vulnerabilities Discovered in Device42 Asset Management Appliance
Four serious security issues on the popular appliance could be exploited by hackers with any level of access within the…
Many ZTNA, MFA Tools Offer Little Protection Against Cookie Session Hijacking Attacks
Many of the technologies and services that organizations are using to isolate Internet traffic from the internal network lack session…
Azure PostgreSQL User Databases Were Exposed Due to Critical Vulnerabilities
By Randy Reiter CEO of Don’t Be Breached April, 2022 Microsoft reported that vulnerabilities in its Azure Database […] The…