Security
Headlines
HeadlinesLatestCVEs

Tag

#intel

Ubuntu Security Notice USN-5600-1

Ubuntu Security Notice 5600-1 - Asaf Modelevsky discovered that the Intel 10GbE PCI Express Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. It was discovered that the virtual terminal driver in the Linux kernel did not properly handle VGA console font changes, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Packet Storm
#vulnerability#ubuntu#linux#dos#intel#perl
Ubuntu Security Notice USN-5599-1

Ubuntu Security Notice 5599-1 - Asaf Modelevsky discovered that the Intel 10GbE PCI Express Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. It was discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information.

Cymulate Raises $70M Series D Funding for Continuous Security Posture Testing

Investor participation from prior round demonstrates confidence in the company's current and future performance.

Botnets in the Age of Remote Work

Here are some strategies for protecting the business against botnets poised to take advantage of remote-work vulnerabilities.

Defenders Be Prepared: Cyberattacks Surge Against Linux Amid Cloud Migration

Ransomware in particular poses a major threat, but security vendors say there has been an increase in Linux-targeted cryptojacking, malware, and vulnerability exploits as well, and defenders need to be ready.

Researcher Spotlight: How Asheer Malhotra looks for ‘instant gratification’ in threat hunting

The India native has transitioned from a reverse-engineer hobbyist to a public speaker in just a few years   By Jon Munshaw.  Ninety percent of Asheer Malhotra’s work will never see the light of day. But it’s that 10 percent that keeps him motivated to keep looking for something new.  The Talos Outreach researcher spends most of his days looking into potential new threats. Many times, that leads to dead ends of threats that have already been discovered and blocked or don’t have any additional threads to pull on.  But eventually, the “lightbulb goes off,” as he puts it, which indicates something is a new threat the wider public needs to know about. During his time at Talos, Malhotra has spent much of his time looking into cyber attacks and state-sponsored threat actors in Asia, like the Transparent Tribe group he’s written about several times.  “At some point, I say ‘Hey, I don’t think I’ve seen this before.’ I start analyzing public disclosures, and slowly start gaining confidence and...

It’s Time to Get Real About TikTok’s Risks

US lawmakers keep warning about the popular app. But until they can explain what makes it uniquely dangerous, it’s difficult to tailor a resolution.

TA505 Hackers Using TeslaGun Panel to Manage ServHelper Backdoor Attacks

Cybersecurity researchers have offered insight into a previously undocumented software control panel used by a financially motivated threat group known as TA505. "The group frequently changes its malware attack strategies in response to global cybercrime trends," Swiss cybersecurity firm PRODAFT said in a report shared with The Hacker News. "It opportunistically adopts new technologies in order

The Pros and Cons of Managed Firewalls

Managed firewalls are increasingly popular. This post examines the strengths and weaknesses of managed firewalls to help your team decide on the right approach.

Ubuntu Security Notice USN-5595-1

Ubuntu Security Notice 5595-1 - Asaf Modelevsky discovered that the Intel 10GbE PCI Express Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. It was discovered that the virtual terminal driver in the Linux kernel did not properly handle VGA console font changes, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.