Ubuntu Linux impacted by decade-old ‘needrestart’ flaw that gives root
Five local privilege escalation (LPE) vulnerabilities have been discovered in the needrestart utility used by Ubuntu Linux, which was introduced…
‘Void Banshee’ Exploits Second Microsoft Zero-Day
Attackers have been using the Windows MSHTML Platform spoofing vulnerability in conjunction with another zero-day flaw.
Microsoft Discloses 4 Zero-Days in September Update
This month's Patch Tuesday contains a total of 79 vulnerabilities — the fourth largest of the year.
‘Voldemort’ Malware Curses Orgs Using Global Tax Authorities
The global malware campaign (that must not be named?) is targeting organizations by impersonating tax authorities, and using custom tools…
New regreSSHion OpenSSH RCE bug gives root on Linux servers
A new OpenSSH unauthenticated remote code execution (RCE) vulnerability dubbed "regreSSHion" gives root privileges on glibc-based Linux systems. [...]
Rockwell’s ICS Directive Comes As Critical Infrastructure Risk Peaks
Critical infrastructure is facing increasingly disruptive threats to physical processes, while thousands of devices are online with weak authentication and…
Is CISA’s Secure by Design Pledge Toothless?
CISA's agreement is voluntary and, frankly, basic. Signatories say that's a good thing.
CISA’s Malware Analysis Platform Could Foster Better Threat Intel
But just how the government differentiates its platform from similar private-sector options remains to be seen.
Ransomware, Junk Bank Accounts: Cyber Threats Proliferate in Vietnam
An economic success story in Asia, Vietnam is seeing more manufacturing and more business investment. But with that comes a…
NIST Wants Help Digging Out of Its NVD Backlog
The National Vulnerability Database can't keep up, and the agency is calling for a public-private partnership to manage it going…