Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

Ubuntu Security Notice USN-7089-2

Ubuntu Security Notice 7089-2 - Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

Packet Storm
#vulnerability#mac#google#microsoft#ubuntu#linux#dos#perl#samba#amd#ibm
Ubuntu Security Notice USN-7088-2

Ubuntu Security Notice 7088-2 - Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

Warning: Hackers could take over your email account by stealing cookies, even if you have MFA

The FBI has issued a warning that cybercriminals are taking over email accounts via stolen session cookies, whether or not someone has set up MFA.

Dark Reading Confidential: Quantum Has Landed, So Now What?

Episode #4: NIST's new post-quantum cryptography standards are here, so what comes next? This episode of Dark Reading Confidential digs into the world of quantum computing from a cybersecurity practitioner's point of view — with guests Matthew McFadden, vice president, Cyber, General Dynamics Information Technology (GDIT) and Thomas Scanlon, professor, Heinz College, Carnegie Mellon University.

Enhance customer experiences with Generative AI

The advent of Generative AI and its application in real-life use cases has been on the cards for…

Malware Campaign Uses Ethereum Smart Contracts to Control npm Typosquat Packages

An ongoing campaign is targeting npm developers with hundreds of typosquat versions of their legitimate counterparts in an attempt to trick them into running cross-platform malware. The attack is notable for utilizing Ethereum smart contracts for command-and-control (C2) server address distribution, according to independent findings from Checkmarx, Phylum, and Socket published over the past few

GHSA-5p5r-57fx-pmfr: Langflow vulnerable to remote code execution

langflow <=1.0.18 is vulnerable to Remote Code Execution (RCE) as any component provided the code functionality and the components run on the local machine rather than in a sandbox.

APT36 Refines Tools in Attacks on Indian Targets

The Pakistan-based advanced persistent threat actor has been carrying on a cyber-espionage campaign targeting organizations on the subcontinent for more than a decade, and it's now using a new and improved "ElizaRAT" malware.

Antivirus, Anti-Malware Lead Demand for AI/ML Tools

Companies are attaching the term "AI" to everything these days, but in cybersecurity, machine learning is more than hype.

Why your vote can&#8217;t be &#8220;hacked,&#8221; with Cait Conley of CISA (Lock and Code S05E23)

This week on the Lock and Code podcast, we speak with Cait Conley about CISA's election security measures and why your vote can't be hacked.