Security
Headlines
HeadlinesLatestCVEs

Tag

#c++

Venom Spider Spins Web of New Malware for MaaS Platform

A novel backdoor malware and a loader that customizes payload names for each victim have been added to the threat group's cybercriminal tool set.

DARKReading
#web#cisco#js#git#java#c++#backdoor#rce#auth#chrome
Microsoft Warbird and PMP Security Research

This paper provides an in-depth technical explanation, illustration, and verification of discovered attacks affecting PlayReady on Windows 10 / 11 x64 that pertain to Warbird deficiencies, content key sniffer operation, magic XOR keys discovery, white-box crypto attack, and complete client identity compromise attacks.

Microsoft Boosts Device Security With Windows Resiliency Initiative

Microsoft is readying a new release of Windows in 2025 that will have significant security controls, such as more resilient drivers and a "self-defending" operating system kernel.

How Python Software Development Enhances Cyber Defense

Python has emerged as a powerful ally in combating rising cybersecurity threats and tracking cybercrime through tools leveraging…

Fake Betting Apps Using AI-Generated Voices to Sensitive Data

Group-IB has discovered that cybercriminals are using fake betting apps and ads with AI-generated voices to steal personal information and money. Discover the tactics used by scammers and how to avoid falling victim to these fraudulent schemes.

Ransomware Gangs Seek Pen Testers to Boost Quality

Qualified applicants must be able to test ransomware encryption and find bugs that might enable defenders to jailbreak the malware.

Ubuntu Security Notice USN-7125-1

Ubuntu Security Notice 7125-1 - It was discovered that RapidJSON incorrectly parsed numbers written in scientific notation, leading to an integer underflow. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code.

Linux 6.6 Race Condition

A security-relevant race between mremap() and THP code has been discovered. Reaching the buggy code typically requires the ability to create unprivileged namespaces. The bug leads to installing physical address 0 as a page table, which is likely exploitable in several ways: For example, triggering the bug in multiple processes can probably lead to unintended page table sharing, which probably can lead to stale TLB entries pointing to freed pages.

Middle East Cybersecurity Efforts Catch Up After Late Start

Despite having only a scant focus on cybersecurity regulations a decade ago, countries in the Middle East — led by Saudi Arabia and other Gulf nations — have adopted mature frameworks and regulations amid escalating volumes of attacks.

New SteelFox Malware Posing as Popular Software to Steal Browser Data

SteelFox malware targets software pirates through fake activation tools, stealing credit card data and deploying crypto miners. Learn…