#mac

Silent Eight announced an extension to its existing partnership with HSBC to tackle financial crime.

Resistant AI and ComplyAdvantage launch AI transaction monitoring solution to combat fraud and money laundering.

A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.14 could be used by attackers (able to inject WLAN frames) to crash the kernel and potentially execute code.

Categories: News Tags: Google Tags: passkeys Tags: Android Tags: Chrome Tags: public key Tags: private key Tags: authenticator Tags: WebAuthn Passwords won't disappear any time soon, but a viable alternative is taking shape (Read more...) The post Android and Chrome start showing passwords the door appeared first on Malwarebytes Labs.

The comprehensive, multiplatform framework comes loaded with weapons, and it is likely another effort by a China-based threat group to develop an alternative to Cobalt Strike and Sliver.

Azure RTOS USBX is a high-performance USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. The case is, in [_ux_host_class_pima_read](https://github.com/azure-rtos/usbx/blob/master/common/usbx_host_classes/src/ux_host_class_pima_read.c), there is data length from device response, returned in the very first packet, and read by [L165 code](https://github.com/azure-rtos/usbx/blob/082fd9db09a3669eca3358f10b8837a5c1635c0b/common/usbx_host_classes/src/ux_host_class_pima_read.c#L165), as header_length. Then in [L178 code](https://github.com/azure-rtos/usbx/blob/082fd9db09a3669eca3358f10b8837a5c1635c0b/common/usbx_host_classes/src/ux_host_class_pima_read.c#L178), there is a “if” branch, which check the expression of “(header_length - UX_HOST_CLASS_PIMA_DATA_HEADER_SIZE) > data_length” where if header_length is smaller than UX_HOST_CLASS_PIMA_DATA_HEADER_SIZE, calculation could overflow and then [L182 code](https://github.com/azure-rtos/usbx/bl...

By Jon Munshaw.  Welcome to this week’s edition of the Threat Source newsletter.  October is National Cybersecurity Awareness Month. Which, if you’ve been on social media at all the past 13 days or read any cybersecurity news website, you surely know already.  As it does every year, I saw Cybersecurity Awareness Month kick off with a lot of snark and memes of people joking about what it even means to be “aware” of cybersecurity and why we even have this month at all. And I get why it’s easy to poke fun at, it is at its core a marketing-driven campaign, and hardcore security experts and researchers have notoriously pushed back against this being a marketing-driven field.  I’m not saying there should be Cybersecurity Awareness Month mascots brought to life on the floor of Black Hat, but it is probably time to pump the brakes on the skepticism and snark. After all, this week should be about broadening the security community, not trying to exclude others from it. I came to Talos ...

Introduction Cobalt Strike is a commercial Command and Control framework built by Helpsystems. You can find out more about Cobalt Strike on the MITRE ATT&CK page. But it can also be used by real adversaries. In this post we describe how to use RiskIQ and other Microsoft technologies to see if you have Cobalt Strike … Hunting for Cobalt Strike: Mining and plotting for fun and profit Read More »

Red Hat Security Advisory 2022-6801-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.8.51. Issues addressed include a code execution vulnerability.

For nearly 20 years, BlueHat has been where the security research community, and Microsoft security professionals come together as peers, to share, debate, challenge, learn, and exchange ideas in the interest of creating a safer and more secure world for all. We are extremely excited to announce that BlueHat is back in-person and the 2023 … BlueHat 2023 Call for Papers is Now Open! Read More »