Security
Headlines
HeadlinesLatestCVEs

Latest News

How a Mental Health Nonprofit Secures Endpoints for Compassionate Care

Consolidating endpoint management boosts cybersecurity while keeping an Oklahoma-based nonprofit focused on community mental health.

DARKReading
#perl#auth
Meta Finally Breaks Its Silence on Pig Butchering

The company gave details for the first time on its approach to combating organized criminal networks behind the devastating scams.

Operation Shipwrecked: US Seizes PopeyeTools Marketplace, Charges 3

The US Department of Justice has taken down PopeyeTools, a major online marketplace used by cybercriminals to sell…

US Charges 5 Suspected MGM Hackers from Scattered Spider Gang

Five alleged members of the notorious Scattered Spider hacking group have been charged with executing a sophisticated phishing…

Warning: Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack Campaign

As many as 2,000 Palo Alto Networks devices are estimated to have been compromised as part of a campaign abusing the newly disclosed security flaws that have come under active exploitation in the wild. According to statistics shared by the Shadowserver Foundation, a majority of the infections have been reported in the U.S. (554) and India (461), followed by Thailand (80), Mexico (48), Indonesia

Chinese APT Gelsemium Targets Linux Systems with New WolfsBane Backdoor

The China-aligned advanced persistent threat (APT) actor known as Gelsemium has been observed using a new Linux backdoor dubbed WolfsBane as part of cyber attacks likely targeting East and Southeast Asia. That's according to findings from cybersecurity firm ESET based on multiple Linux samples uploaded to the VirusTotal platform from Taiwan, the Philippines, and Singapore in March 2023.

Ivanti EPM Agent Portal Command Execution

This Metasploit module leverages an unauthenticated remote command execution vulnerability in Ivanti's EPM Agent Portal where an RPC client can invoke a method which will run an attacker-specified string on the remote target as NT AUTHORITY\SYSTEM. This vulnerability is present in versions prior to EPM 2021.1 Su4 and EPM 2022 Su2.

Judge0 Sandbox Escape

Judge0 does not account for symlinks placed inside the sandbox directory, which can be leveraged by an attacker to write to arbitrary files and gain code execution outside of the sandbox.

Wireshark Analyzer 4.4.2

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.