Security
Headlines
HeadlinesLatestCVEs

Tag

#intel

Building a Better SBOM

Generating an SBOM is easy. It's generating one that's comprehensive and accurate that's hard.

DARKReading
Open in Source
#vulnerability#intel#log4j#zero_day
Modernizing Vulnerability Management: The Move Toward Exposure Management

Managing vulnerabilities in the constantly evolving technological landscape is a difficult task. Although vulnerabilities emerge regularly, not all vulnerabilities present the same level of risk. Traditional metrics such as CVSS score or the number of vulnerabilities are insufficient for effective vulnerability management as they lack business context, prioritization, and understanding of

Lazarus Subgroup Targeting Apple Devices with New RustBucket macOS Malware

A financially-motivated North Korean threat actor is suspected to be behind a new Apple macOS malware strain called RustBucket. "[RustBucket] communicates with command and control (C2) servers to download and execute various payloads," Jamf Threat Labs researchers Ferdous Saljooki and Jaron Bradley said in a technical report published last week.  The Apple device management company attributed it

Google Cloud Introduces Security AI Workbench for Faster Threat Detection and Analysis

Google's cloud division is following in the footsteps of Microsoft with the launch of Security AI Workbench that leverages generative AI models to gain better visibility into the threat landscape.  Powering the cybersecurity suite is Sec-PaLM, a specialized large language model (LLM) that's "fine-tuned for security use cases." The idea is to take advantage of the latest advances in AI to augment

RHSA-2023:1976: Red Hat Security Advisory: qatzip security and bug fix update

An update for qatzip is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-36369: A potential flaw was found in QATzip. This vulnerability may allow escalation of privileges.

Millions of Artifacts, Misconfigured Enterprise Software Registries Are Ripe for Pwning

Researchers find 250 million artifacts and 65,000 container images exposed in registries and repositories scattered across the Internet.

Tangled Up: 'Tomiris' APT Uses Turla Malware, Confusing Researchers

Researchers are unraveling the threads connecting two separate, but in some ways overlapping, Russian-language APTs.

Intel Let Google Cloud Hack Its New Secure Chips and Found 10 Bugs

To protect its Confidential Computing cloud infrastructure and gain critical insights, Google leans on its relationships with chipmakers.

Google Cloud Announces New Security AI Workbench and Ecosystem Expansion at RSAC 2023

Businesses can now standardize their end-to-end cybersecurity programs on the industry's most secure infrastructure, while retaining choice and vendor optionality.