China’s Elite Cyber Corps Hone Skills on Virtual Battlefields
The nation leads in the number of capture-the-flag tournaments sponsored by government and industry — a strategy from which Western nations…
The Imperative of Penetration Testing AI Systems
In the modern era of technological advancement, artificial intelligence (AI) is revolutionizing business operations, presenting unparalleled opportunities for efficiency and…
New Windows Driver Signature bypass allows kernel rootkit installs
Attackers can downgrade Windows kernel components to bypass security features such as Driver Signature Enforcement and deploy rootkits on fully…
Over 70 zero-day flaws get hackers $1 million at Pwn2Own Ireland
The fourth day of Pwn2Own Ireland 2024 marked the end of the hacking competition with more than $1 million in…
SEC Fines Companies Millions for Downplaying SolarWinds Breach
Four companies — Avaya, Check Point, Mimecast, and Unisys — have been charged by the SEC for misleading disclosures in…
QNAP, Synology, Lexmark devices hacked on Pwn2Own Day 3
The third day of Pwn2Own Ireland 2024 continued to showcase the expertise of white hat hackers as they exposed 11…
AWS’s Predictable Bucket Names Make Accounts Easier to Crack
Amazon's open source Cloud Development Kit generates dangerously predictable naming patterns that could lead to an account takeover.
Samsung Zero-Day Vuln Under Active Exploit, Google Warns
If exploited, bad actors can execute arbitrary code while evading detection thanks to a renamed process.
Exploit released for new Windows Server “WinReg” NTLM Relay attack
Proof-of-concept exploit code is now public for a vulnerability in Microsoft's Remote Registry client that could be used to take control of…
VMware fixes bad patch for critical vCenter Server RCE flaw
VMware has released another security update for CVE-2024-38812, a critical VMware vCenter Server remote code execution vulnerability that was not…