Protecting collocated servers from DDoS attacks using GRE tunnels
You can get DDoS protection remotely for your collocated server using a generic routing encapsulation (GRE) tunnel. We will explain…
Has Adoption of ‘Connected Devices’ Outpaced Security?
By Scott Register, Vice President, Security Solutions, Keysight Technologies We’ve all seen the rush to deploy the new wave of…
Old Windows ‘Mock Folders’ UAC bypass used to drop malware
A new phishing campaign targets organizations in Eastern European countries with the Remcos RAT malware with aid from an old…
Proof-of-Concept released for critical Microsoft Word RCE bug
A proof-of-concept for CVE-2023-21716, a critical vulnerability in Microsoft Word that allows remote code execution, has been published over the…
New TPM 2.0 flaws could let hackers steal cryptographic keys
The Trusted Platform Module (TPM) 2.0 specification is affected by two buffer overflow vulnerabilities that could allow attackers to access…
BlackLotus bootkit bypasses UEFI Secure Boot on patched Windows 11
The developers of the BlackLotus UEFI bootkit have improved the malware with Secure Boot bypass capabilities that allow it to…
Aruba Networks fixes six critical vulnerabilities in ArubaOS
Aruba Networks published a security advisory to inform customers about six critical-severity vulnerabilities impacting multiple versions of ArubaOS, its proprietary…
Offensive Security Is Now OffSec – Refresh Reflects Future of Cybersecurity Learning and Skills Development
Updated OffSec™ identity substantiates the company's commitment to expanding its cybersecurity content and resources to prepare infosec professionals for the…
Cisco patches critical Web UI RCE flaw in multiple IP phones
Cisco has addressed a critical security vulnerability found in the Web UI of multiple IP Phone models that unauthenticated and…
How to Reduce Code Risk Using Pipelineless Security
The exposure and exploitation of hardcoded secrets continues to drive software supply chain attacks. One solution: zero new hardcoded secrets.