Security
Headlines
HeadlinesLatestCVEs

Tag

#zero_day

In Switch, Trickbot Group Now Attacking Ukrainian Targets

Latest campaigns are a break from its usual financially motivated attacks and appear aligned with Russian interests, security researchers say.

DARKReading
Open in Source
#mac#windows#microsoft#intel#backdoor#auth#ibm#zero_day
Threat Source newsletter (July 7, 2022) — Teamwork makes the dream work

By Jon Munshaw.  Welcome to this week’s edition of the Threat Source newsletter.  I’ve been thinking a lot recently about the pros and cons of the way we publicize our threat research. I had a few conversations at Cisco Live with people — who are more generally IT-focused than... [[ This is only the beginning! Please visit the blog for the complete entry ]]

Empower Your Security Operations Team to Combat Emerging Threats

When examining the modern threat landscape, empowering your security operations and overcoming the limitations inherent with other malware prevention solutions is imperative.

Vulnerability Management news and publications #1

Hello everyone! In this episode, I will try to revive Security News with a focus on Vulnerability Management. On the one hand, creating such reviews requires free time, which could be spent more wisely, for example, on open source projects or original research. On the other hand, there are arguments in favor of news reviews. […]

Why Browser Vulnerabilities Are a Serious Threat — and How to Minimize Your Risk

As a result of browser market consolidation, adversaries can focus on uncovering vulnerabilities in just two main browser engines.

Google Chrome WebRTC Zero-Day Faces Active Exploitation

The heap buffer-overflow issue in Chrome for Android could be used for DoS, code execution, and more.

Update now! Chrome patches ANOTHER zero-day vulnerability

Google has patched a vulnerability in Chrome which was being exploited in the wild. Make sure you're using the latest version. The post Update now! Chrome patches ANOTHER zero-day vulnerability appeared first on Malwarebytes Labs.

Google Patches Actively Exploited Chrome Bug

The heap buffer overflow issue in the browser’s WebRTC engine could allow attackers to execute arbitrary code.

As New Clues Emerges, Experts Wonder: Is REvil Back?

Change is a part of life, and nothing stays the same for too long, even with hacking groups, which are at their most dangerous when working in complete silence. The notorious REvil ransomware gang, linked to the infamous JBS and Kaseya, has resurfaced three months after the arrest of its members in Russia. The Russian domestic intelligence service, the FSB, had caught 14 people from the gang. In

Update Google Chrome Browser to Patch New Zero-Day Exploit Detected in the Wild

Google on Monday shipped security updates to address a high-severity zero-day vulnerability in its Chrome web browser that it said is being exploited in the wild. The shortcoming, tracked as CVE-2022-2294, relates to a heap overflow flaw in the WebRTC component that provides real-time audio and video communication capabilities in browsers without the need to install plugins or download native