Security
Headlines
HeadlinesLatestCVEs

Tag

#intel

Trend Micro Announces New Subsidiary for 5G Cybersecurity

DARKReading
#google#microsoft#git#intel
Cops Hacked Thousands of Phones. Was It Legal?

When police infiltrated the EncroChat phone system in 2020, they hit an intelligence gold mine. But subsequent legal challenges have spread across Europe.

Understanding Infrastructure-as-Code Risks in the Cloud

Improve overall IT administration and establish a framework to identify misconfigurations and automate the process of checking IaC before it makes it into the production environment.

The FBI's Perspective on Ransomware

Ransomware: contemporary threats, how to prevent them and how the FBI can help In April 2021, Dutch supermarkets faced a food shortage. The cause wasn't a drought or a sudden surge in the demand for avocados. Rather, the reason was a ransomware attack. In the past years, companies, universities, schools, medical facilities and other organizations have been targeted by ransomware threat actors,

Raspberry Robin Worm Hatches a Highly Complex Upgrade

The Evil Corp-linked malware family has undergone an evolution, becoming more obfuscated and "several times more complex," as the group behind it tests how far the worm can be spread.

EuskalHack Security Congress VI Call For Papers

EuskalHack Security Congress sixth edition is a new proposal from the EuskalHack Computer Security Association, with the aim to promote the community growth and the culture in the digital security field. As usual, in this new edition proximity to our public and technical quality will be our hallmarks. This exclusive conference is shaping up as the most relevant in Basque Country, with an estimated 200 attendees for this sixth edition. The participants include specialized companies, public organisms, state security organizations, professionals, hobbyists and students in the area of security and Information Technology. The date for the conference is the 23th and 24th of June 2023 in the lovely city of Donostia San Sebastian.

CVE-2022-34322

Multiple XSS issues were discovered in Sage Enterprise Intelligence 2021 R1.1 that allow an attacker to execute JavaScript code in the context of users' browsers. The attacker needs to be authenticated to reach the vulnerable features. An issue is present in the Notify Users About Modification menu and the Notifications feature. A user can send malicious notifications and execute JavaScript code in the browser of every user who has enabled notifications. This is a stored XSS, and can lead to privilege escalation in the context of the application. (Another issue is present in the Favorites tab. The name of a favorite or a folder of favorites is interpreted as HTML, and can thus embed JavaScript code, which is executed when displayed. This is a self-XSS.)