Latest News
ManageEngine ADManager version 7183 suffers from a password hash disclosure vulnerability.
A condition exists when fastrpc_mmap_create creates a new globally visible mapping that can lead to a use-after-free.
An incorrect searching algorithm in fastrpc_mmap_find can lead to kernel address space information leaks.
There appears to be some (possibly deprecated) code associated with AF_QIPCRTR sockets in bpf_service.c. Within this file are some ioctl handlers - e.g. qrtr_bpf_filter_attach and qrtr_bpf_filter_detach. In the case of qrtr_bpf_filter_detach, the global pointer bpf_filter is fetched and freed while only holding a socket lock (and an irrelevant rcu_read_lock) - this may lead directly to double frees or use-after-free (kernel memory corruption) if a malicious user is able to call the QRTR_DETTACH_BPF ioctl on multiple AF_QIPCRTR sockets at once. Based on Android SELinux files, it appears this may be possible from some lower-privileged vendor and HAL services.
DoJ and Microsoft seized over 100 sites used by Russian hackers for phishing campaigns targeting the U.S. The…
Cloud-based solutions are transforming the software quality assurance (QA) industry. As organizations increasingly migrate their development and verification…
Thoughtfully applied, humor breaks through security fatigue, increases engagement, and fosters a culture of security awareness.
Microsoft and the U.S. Department of Justice (DoJ) on Thursday announced the seizure of 107 internet domains used by state-sponsored threat actors with ties to Russia to facilitate computer fraud and abuse in the country. "The Russian government ran this scheme to steal Americans' sensitive information, using seemingly legitimate email accounts to trick victims into revealing account credentials
The booming economies of Africa, rich in natural resources and brimming with potential, are attracting not just investors but also cybercriminals.
After decades of relying on buttons, switches, and toggles, the Pentagon has embraced simple, ergonomic video-game-style controllers already familiar to millions of potential recruits.