Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

HP Exposes Low-Effort, High-Impact Cat-Phishing Targeting Users

By Waqas New HP report reveals cybercriminals are increasingly leveraging "cat-phishing" techniques, exploiting open redirects in legitimate websites to deceive users and deliver malware. This is a post from HackRead.com Read the original post: HP Exposes Low-Effort, High-Impact Cat-Phishing Targeting Users

HackRead
Open in Source
#vulnerability#web#mac#windows#google#microsoft#git#oracle#intel
Rounding up some of the major headlines from RSA

Here’s a rundown of some things you may have missed if you weren’t able to stay on top of the things coming out of the conference.

Shadow IT: Personal GitHub Repos Expose Employee Cloud Secrets

By Deeba Ahmed Alerted by a recent discovery of employee personal GitHub repos exposing internal Azure and Red Hat secrets, this article dives into the dangers of Shadow IT and offers solutions to prevent cloud credential leaks and secure your cloud environment. This is a post from HackRead.com Read the original post: Shadow IT: Personal GitHub Repos Expose Employee Cloud Secrets

CVE-2024-4950: Chromium: CVE-2024-4950 Inappropriate implementation in Downloads

Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 124.0.2478.109 5/16/2024 124.0.6367.221

CVE-2024-4949: Chromium: CVE-2024-4949 Use after free in V8

Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 124.0.2478.109 5/16/2024 124.0.6367.221

CVE-2024-4948: Chromium: CVE-2024-4948 Use after free in Dawn

Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 124.0.2478.109 5/16/2024 124.0.6367.221

CVE-2024-4947: Chromium: CVE-2024-4947 Type Confusion in V8

Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 124.0.2478.109 5/16/2024 124.0.6367.221

CVE-2024-30056: Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

**According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?** The user would have to click on a specially crafted URL to be compromised by the attacker.

Cybercriminals Exploiting Microsoft’s Quick Assist Feature in Ransomware Attacks

The Microsoft Threat Intelligence team said it has observed a threat it tracks under the name Storm-1811 abusing the client management tool Quick Assist to target users in social engineering attacks. "Storm-1811 is a financially motivated cybercriminal group known to deploy Black Basta ransomware," the company said in a report published on May 15, 2024. The

MITM Attacks Can Still Bypass FIDO2 Security, Researchers Warn

By Deeba Ahmed Is FIDO2 truly unbreachable?  Recent research exposes a potential vulnerability where attackers could use MITM techniques to bypass FIDO2 security keys. This is a post from HackRead.com Read the original post: MITM Attacks Can Still Bypass FIDO2 Security, Researchers Warn