Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

Cloud Apps Still Demand Way More Privileges Than They Use

Hackers can't steal a credential that doesn't exist.

DARKReading
Open in Source
#mac#google#microsoft#kubernetes#aws
'Money Lover' Finance App Exposes User Data

A broken access control vulnerability could have led to dangerous follow-on attacks for users of the money-management app.

Google Introduces Bard: New ChatGPT Rival

By Habiba Rashid Google's CEO, Sundar Pichai, described the ChatGPT rival, Bard, as an "experimental conversational AI service" powered by LaMDA. This is a post from HackRead.com Read the original post: Google Introduces Bard: New ChatGPT Rival

On the 20th Safer Internet Day, what was security like back in 2004?

Categories: News Tags: safer internet day Tags: SID Tags: 2004 Tags: 2005 Tags: 20th anniversary Tags: security Tags: windows Tags: XP Tags: XPSP2 Tags: 20 minutes Come with us on a journey down memory lane. (Read more...) The post On the 20th Safer Internet Day, what was security like back in 2004? appeared first on Malwarebytes Labs.

BlueHat 2023: Connecting the security research community with Microsoft

We’re excited to welcome more than 400 members of the security research community from around the world to Redmond, Washington for BlueHat 2023. Hosted by the Microsoft Security Response Center (MSRC), BlueHat is where the security research community, and Microsoft security professionals, come together as peers to connect, share, learn, and exchange ideas in the … BlueHat 2023: Connecting the security research community with Microsoft Read More »

CVE-2021-31578: Acknowledgements

In Boa, there is a possible escalation of privilege due to a stack buffer overflow. This could lead to remote escalation of privilege from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20210008; Issue ID: OSBNB00123241.

Windows Kernel Registry Virtualization Memory Corruption

Microsoft Windows suffers from a kernel memory corruption due to an insufficient handling of predefined keys in registry virtualization.

GuLoader Malware Using Malicious NSIS Executable to Target E-Commerce Industry

E-commerce industries in South Korea and the U.S. are at the receiving end of an ongoing GuLoader malware campaign, cybersecurity firm Trellix disclosed late last month. The malspam activity is notable for transitioning away from malware-laced Microsoft Word documents to NSIS executable files for loading the malware. Other countries targeted as part of the campaign include Germany, Saudi Arabia,

Microsoft: Iranian Nation-State Group Sanctioned by U.S. Behind Charlie Hebdo Hack

An Iranian nation-state group sanctioned by the U.S. government has been attributed to the hack of the French satirical magazine Charlie Hebdo in early January 2023. Microsoft, which disclosed details of the incident, is tracking the activity cluster under its chemical element-themed moniker NEPTUNIUM, which is an Iran-based company known as Emennet Pasargad. In January 2022, the U.S. Federal