Security
Headlines
HeadlinesLatestCVEs

Latest News

Godfather Banking Trojan Spawns 1.2K Samples Across 57 Countries

Mobile malware-as-a-service operators are upping their game by automatically churning out hundreds of unique samples on a whim.

DARKReading
#apple#intel#auth
Chip Giants Finalize Specs Baking Security Into Silicon

Caliptra 1.0 offers a blueprint for integrating security features directly into microprocessors.

Digital Blitzkrieg: Unveiling Cyber-Logistics Warfare

Cyberattacks on logistics are becoming increasingly common, and the potential impact is enormous.

North Korea's Lazarus Group Deploys New Kaolin RAT via Fake Job Lures

The North Korea-linked threat actor known as Lazarus Group employed its time-tested fabricated job lures to deliver a new remote access trojan called Kaolin RAT. The malware could, "aside from standard RAT functionality, change the last write timestamp of a selected file and load any received DLL binary from [command-and-control] server," Avast security researcher Luigino

Cisco Zero-Days Anchor 'ArcaneDoor' Cyber-Espionage Campaign

Attacks by a previously unknown threat actor leveraged two bugs in firewall devices to install custom backdoors on several government networks globally.

J&J Spin-Off CISO on Maximizing Cybersecurity

How the CISO of Kenvue, a consumer healthcare company spun out from Johnson & Johnson, combined tools and new ideas to build out the security program.

Ubuntu Security Notice USN-6750-1

Ubuntu Security Notice 6750-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. Bartek Nowotarski discovered that Thunderbird did not properly limit HTTP/2 CONTINUATION frames. An attacker could potentially exploit this issue to cause a denial of service.

Ubuntu Security Notice USN-6743-3

Ubuntu Security Notice 6743-3 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

Ubuntu Security Notice USN-6657-2

Ubuntu Security Notice 6657-2 - USN-6657-1 fixed several vulnerabilities in Dnsmasq. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Dnsmasq incorrectly handled validating DNSSEC messages. A remote attacker could possibly use this issue to cause Dnsmasq to consume resources, leading to a denial of service. It was discovered that Dnsmasq incorrectly handled preparing an NSEC3 closest encloser proof. A remote attacker could possibly use this issue to cause Dnsmasq to consume resources, leading to a denial of service. It was discovered that Dnsmasq incorrectly set the maximum EDNS.0 UDP packet size as required by DNS Flag Day 2020. This issue only affected Ubuntu 23.10.