Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

Google Cloud Connects Chronicle to Health ISAC Feed

Members of the Health-ISAC can ingest threat indicators directly into Chronicle to investigate whether the threat is present in their environment.

DARKReading
Open in Source
#vulnerability#mac#google#git#intel
NewsPenguin Goes Phishing for Maritime & Military Secrets

A sophisticated cyber-espionage attack against high-value targets attending a maritime technology conference in Pakistan this weekend has been in the works since last year.

4 Ways to Handle AI Decision-Making in Cybersecurity

As evolving cyber threats force security teams to adopt AI to automate workflows, we ask how the relationship between humans and AI will pan out.

Avast Threat Report: Consumers Plagued With Refund Fraud, Tech Support Scams, and Adware

Avast researchers also discovered and reported two zero-day vulnerabilities, and observed the spread of information-stealing malware, remote access trojans, and botnets.

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Authorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating "Trickbot," a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeovers since its debut in 2016. The U.S. Department of the Treasury says the Trickbot group is associated with Russian intelligence services, and that this alliance led to the targeting of many U.S. companies and government entities.

GHSA-cf4g-fcf8-3cr9: `pnet_packet` buffer overrun in `set_payload` setters

As indicated by this [issue](https://github.com/libpnet/libpnet/issues/449#issuecomment-663355987), a buffer overrun is possible in the `set_payload` setter of the various mutable "Packet" struct setters. The offending `set_payload` functions were defined within the struct `impl` blocks in earlier versions of the package, and later by the `packet` macro. Fixed in the `packet` macro by [this](https://github.com/libpnet/libpnet/pull/455) PR.

NIST Picks IoT Standard for Small Electronics Cybersecurity

NIST announces that it will use Ascon as a cryptography standard for lightweight IoT device protection.

Twitter Implements API Paywall, but Will That Solve Its Enormous Bot Crisis?

Restricting the Twitter API will have implications across Twitter, the broader Internet, and society, experts say. Is there a cybersecurity silver lining, or will threat actors pay to play?

SOUND4 LinkAndShare Transmitter 1.1.2 Format String Stack Buffer Overflow

SOUND4 LinkAndShare Transmitter version 1.1.2 suffers from a format string memory leak and stack buffer overflow vulnerability because it fails to properly sanitize user supplied input when calling the getenv() function from MSVCR120.DLL resulting in a crash overflowing the memory stack and leaking sensitive information. The attacker can abuse the username environment variable to trigger and potentially execute code on the affected system.