Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

Hackers using USB drives to spread malware in ongoing attack

By Habiba Rashid Currently, hackers are targeting public and private entities in Southeast Asia, the Asia-Pacific region, Europe, and the U.S., with a focus on the Philippines. This is a post from HackRead.com Read the original post: Hackers using USB drives to spread malware in ongoing attack

HackRead
#android#mac#google#git#backdoor
North Korea Hackers Using New "Dolphin" Backdoor to Spy on South Korean Targets

The North Korea-linked ScarCruft group has been attributed to a previously undocumented backdoor called Dolphin that the threat actor has used against targets located in its southern counterpart. "The backdoor [...] has a wide range of spying capabilities, including monitoring drives and portable devices and exfiltrating files of interest, keylogging and taking screenshots, and stealing

How Banks Can Upgrade Security Without Affecting Client Service

New protective measures work behind the scenes, with little impact on the customer experience.

API Secrets: Where the Bearer Model Breaks Down

Current authentication methods are based on the bearer model, but lack of visibility into the entities leveraging API secrets has made this untenable.

Critical Quarkus Flaw Threatens Cloud Developers With Easy RCE

Red Hat has issued patches for a bug in an open source Java virtual machine software that opens the door to drive-by localhost attacks. Patch now, as it's easy for cyberattackers to exploit.

CVE-2022-4231: bug-report/vendors/tribalsystems/zenario/session-fixation at main · lithonn/bug-report

A vulnerability, which was classified as problematic, has been found in Tribal Systems Zenario CMS 9.3.57595. This issue affects some unknown processing of the component Remember Me Handler. The manipulation leads to session fixiation. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-214589 was assigned to this vulnerability.

CVE-2022-41413: GitHub - renmizo/CVE-2022-41413

perfSONAR v4.x <= v4.4.5 was discovered to contain a Cross-Site Request Forgery (CSRF) which is triggered when an attacker injects crafted input into the Search function.