Security
Headlines
HeadlinesLatestCVEs

Tag

#intel

DEA Investigating Breach of Law Enforcement Data Portal

The U.S. Drug Enforcement Administration (DEA) says it is investigating reports that hackers gained unauthorized access to an agency portal that taps into 16 different federal law enforcement databases. KrebsOnSecurity has learned the alleged compromise is tied to a cybercrime and online harassment community that routinely impersonates police and government officials to harvest personal information on their targets.

Krebs on Security
Open in Source
#web#microsoft#intel#pdf#samsung#auth#blog
The Case for War Crimes Charges Against Russia’s Sandworm Hackers

A group of human rights lawyers and investigators has called on the Hague to bring the first-ever “cyber war crimes” charges against Russia’s most dangerous hackers.

Everything We Learned From the LAPSUS$ Attacks

In recent months, a cybercriminal gang known as LAPSUS$ has claimed responsibility for a number of high-profile attacks against technology companies, including: T-Mobile (April 23, 2022) Globant  Okta Ubisoft Samsung Nvidia Microsoft Vodafone In addition to these attacks, LAPSUS$ was also able to successfully launch a ransomware attack against the Brazilian Ministry of Health. While

Hackers Deploy IceApple Exploitation Framework on Hacked MS Exchange Servers

Researchers have detailed a previously undocumented .NET-based post-exploitation framework called IceApple that has been deployed on Microsoft Exchange server instances to facilitate reconnaissance and data exfiltration. "Suspected to be the work of a state-nexus adversary, IceApple remains under active development, with 18 modules observed in use across a number of enterprise environments, as

CVE-2022-30557: Security Bulletins | Foxit Software

Foxit PDF Reader and PDF Editor before 11.2.2 have a Type Confusion issue that causes a crash because of Unsigned32 mishandling during JavaScript execution.

Threat Actors Are Stealing Data Now to Decrypt When Quantum Computing Comes

The technique, called store-now, decrypt later (SNDL), means organizations need to prepare now for post-quantum cryptography.

Concentric AI Raises Series A Funding Led by Ballistic Ventures to Autonomously Secure Business-Critical Data

Round of $14.5M to support team of AI experts and cybersecurity leaders targeting overshared data with AI-based solutions for data access governance and loss prevention.

Red Hat Security Advisory 2022-1988-01

Red Hat Security Advisory 2022-1988-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, denial of service, information leakage, integer overflow, memory leak, out of bounds read, out of bounds write, privilege escalation, and use-after-free vulnerabilities.

Red Hat Security Advisory 2022-1759-01

Red Hat Security Advisory 2022-1759-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include buffer overflow, integer overflow, null pointer, out of bounds access, out of bounds read, and use-after-free vulnerabilities.