Security
Headlines
HeadlinesLatestCVEs

Tag

#zero_day

CVE-2022-22998: WDC-22009 My Cloud Home Firmware Version 8.7.0-107 | Western Digital

Implemented protections on AWS credentials that were not properly protected.

CVE
Open in Source
#vulnerability#android#mac#linux#debian#dos#git#rce#perl#samba#aws#auth#zero_day#wifi#ssl
Don't Have a COW: Containers on Windows and Other Container-Escape Research

Several pieces of Black Hat USA research will explore container design weaknesses and escalation of privilege attacks that can lead to container escapes.

Microsoft Windows Autopatch is Now Generally Available for Enterprise Systems

Microsoft on Monday announced the general availability of a feature called Autopatch that automatically keeps Windows and Office software up-to-date on enrolled endpoints. The launch, which comes a day before Microsoft is expected to release its monthly round of security patches, is available for customers with Windows Enterprise E3 and E5 licenses. It, however, doesn't support Windows Education

4 ways businesses can save money on cyber insurance

When it comes to insurance, better security means better savings. The post 4 ways businesses can save money on cyber insurance appeared first on Malwarebytes Labs.

CVE-2022-35411: Remote Code Execution 0-day in rpc.py - Elias Hohl - Medium

rpc.py through 0.6.0 allows Remote Code Execution because an unpickle occurs when the "serializer: pickle" HTTP header is sent. In other words, although JSON (not Pickle) is the default data format, an unauthenticated client can cause the data to be processed with unpickle.

In Switch, Trickbot Group Now Attacking Ukrainian Targets

Latest campaigns are a break from its usual financially motivated attacks and appear aligned with Russian interests, security researchers say.

Threat Source newsletter (July 7, 2022) — Teamwork makes the dream work

By Jon Munshaw.  Welcome to this week’s edition of the Threat Source newsletter.  I’ve been thinking a lot recently about the pros and cons of the way we publicize our threat research. I had a few conversations at Cisco Live with people — who are more generally IT-focused than... [[ This is only the beginning! Please visit the blog for the complete entry ]]

Empower Your Security Operations Team to Combat Emerging Threats

When examining the modern threat landscape, empowering your security operations and overcoming the limitations inherent with other malware prevention solutions is imperative.

Vulnerability Management news and publications #1

Hello everyone! In this episode, I will try to revive Security News with a focus on Vulnerability Management. On the one hand, creating such reviews requires free time, which could be spent more wisely, for example, on open source projects or original research. On the other hand, there are arguments in favor of news reviews. […]