Security
Headlines
HeadlinesLatestCVEs

Tag

#intel

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

The United States today unveiled sanctions and indictments against the alleged proprietor of Joker's Stash, a now-defunct cybercrime store that peddled tens of millions of payment cards stolen in some of the largest data breaches of the past decade. The government also indicted a top Russian cybercriminal known as Taleon, whose cryptocurrency exchange Cryptex has evolved into one of Russia's most active money laundering networks.

Krebs on Security
Open in Source
#vulnerability#web#mac#intel#pdf#auth#blog
Moving DevOps Security Out of the 'Stone Age'

Developers need to do more than scan code and vet software components, and ops should do more than just defend the deployment pipeline.

Telegram will hand over user details to law enforcement

Telegram is making changes to make it less attractive for users with criminal intentions, by saying it will share user IPs and phone numbers with authorities.

EPSS vs. CVSS: What’s the Best Approach to Vulnerability Prioritization?

Many businesses rely on the Common Vulnerability Scoring System (CVSS) to assess the severity of vulnerabilities for prioritization. While these scores provide some insight into the potential impact of a vulnerability, they don’t factor in real-world threat data, such as the likelihood of exploitation. With new vulnerabilities discovered daily, teams don’t have the time - or the budget - to

GenAI Writes Malicious Code to Spread AsyncRAT

Researchers have uncovered one of the first examples of threat actors using artificial intelligence chatbots for malware creation, in a phishing attack spreading the open source remote access Trojan.

'SloppyLemming' APT Abuses Cloudflare Service in Pakistan Attacks

Who needs advanced malware when you can take advantage of a bunch of OSS tools and free cloud services to compromise your target?

China's 'Salt Typhoon' Cooks Up Cyberattacks on US ISPs

The state-sponsored advanced persistent threat (APT) is going after high-value communications service provider networks in the US, potentially with a dual set of goals.

ABB Cylon Aspect 3.07.00 Remote Code Execution

The ABB Cylon Aspect version 3.07.00 BMS/BAS controller suffers from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the host HTTP GET parameter called by networkDiagAjax.php script.

Ubuntu Security Notice USN-7033-1

Ubuntu Security Notice 7033-1 - It was discovered that some Intel Processors did not properly restrict access to the Running Average Power Limit interface. This may allow a local privileged attacker to obtain sensitive information. It was discovered that some Intel Processors did not properly implement finite state machines in hardware logic. This may allow a local privileged attacker to cause a denial of service.

Digital Asset Trading Platform UEEx Strengthens Digital Asset Security with New Protection Policy

UEEx enhances user security with new compensation policies addressing abnormal market volatility and asset protection. Users can now…