Security
Headlines
HeadlinesLatestCVEs

Tag

#dell

Hackers Claim Breach of Hewlett Packard Enterprise, Lists Data for Sale

Hacker IntelBroker claims to have breached Hewlett Packard Enterprise (HPE), exposing sensitive data like source code, certificates, and…

HackRead
Open in Source
#vulnerability#web#cisco#git#intel#amd#nokia#acer#dell#docker#sap
Ivanti Urges Patch for Flaws in Connect Secure, Policy Secure and ZTA Gateways

Ivanti has issued a critical security advisory addressing two vulnerabilities in its Connect Secure, Policy Secure, and ZTA Gateway products.

Top 5 Malware Threats to Prepare Against in 2025

2024 had its fair share of high-profile cyber attacks, with companies as big as Dell and TicketMaster falling victim to data breaches and other infrastructure compromises. In 2025, this trend will continue. So, to be prepared for any kind of malware attack, every organization needs to know its cyber enemy in advance. Here are 5 common malware families that you can start preparing to counter

Data breaches in 2024: Could it get any worse?

An overview of what the year 2024 had to offer in the realm of data breaches: Big ones, sensitive data and some duds

Exploring vulnerable Windows drivers

This post is the result of research into the real-world application of the Bring Your Own Vulnerable Driver (BYOVD) technique along with Cisco Talos’ series of posts about  malicious Windows drivers.

Firmware Security: Identifying Risks to Implement Best Cybersecurity Practices

Find out the key security risks of firmware security: Identify threats, and learn best practices and protection methods…

Dell Urges Immediate Update to Fix Critical Power Manager Vulnerability

A critical security flaw in Dell Power Manager has been discovered that could allow attackers to compromise your systems and execute arbitrary code.

Senators Warn the Pentagon: Get a Handle on China’s Telecom Hacking

In a letter to the Department of Defense, senators Ron Wyden and Eric Schmitt are calling for an investigation into fallout from the Salt Typhoon espionage campaign.

GHSA-7f6p-phw2-8253: Taurus multi-party-sig has OT-based ECDSA protocol implementation flaws

Coinbase researchers reported 2 security issues in our implementation of the oblivious transfer (OT) based protocol [DKLS](https://eprint.iacr.org/2018/499.pdf): ### 1. Secret share recovery attack If the base OT setup of the protocol is reused for another execution of the OT extension, then a malicious participant can extract a bit of the secret of another participant. By repeating the execution they can eventually recover the whole secret. Therefore, unlike our comments suggested, you **must not reuse an OT setup** for multiple protocol executions. We're adding a warning in the code: https://github.com/taurushq-io/multi-party-sig/blob/9e4400fccee89be6195d0a12dd0ed052288d5040/internal/ot/extended.go#L114 ### 2. Invalid security proof due to incorrect operator The original 2018 version of the DKLS had a typo in the OT extension protocol when computing the check value in the OT extension: the paper noted a XOR whereas it should be a field multiplication. This erroneous behavior ...

Linux Variant of Helldown Ransomware Targets VMware ESX Servers

Cybersecurity firm Sekoia has discovered a new variant of Helldown ransomware. The article details their tactics and how…