Editors' Pick 

Brokewellt

Geronimo

A ThreatFabric elemzői a közelmúltban felfedeztek egy új mobil rosszindulatú programcsaládot, a Brokewellt, amely számos eszközátvételi képességgel rendelkezik. A minták elemzése során kiderült, hogy

Editors' Pick 

LightSpy macOS verzió

Geronimo

A BlackBerry április közepén blogján részletesen beszámolt a  – a kínai APT-41 csoportnak tulajdonított – LightSpy mobil kémprogram keretrendszer új

Editors' Pick 

Pakisztáni APT-k indiai kormány elleni támadásai

Geronimo

A közelmúltban a Pakisztánhoz köthető APT-k által indított, indiai kormányzati szervek elleni kibertámadások jelentős lendületet vettek. A Seqrite Labs APT-csapata

Microsoft ICSpector keretrendszer

Geronimo

APT csoportok pszichológiai megtévesztési kampányai

Geronimo

Silver keretrendszer fenyegetésvadászoknak

Geronimo

Microsoft Guidance for Incident Responders

Geronimo

OpenAI GPT-4 kihasználhatja a sérülékenységeket

Geronimo

Microsoft 2024 Q3 pénzügyi eredményei

Geronimo

ArcaneDoor

Geronimo

Sérülékeny kínai billentyűzetalkalmazások

Geronimo

Chrome javítás

Geronimo

TensorFlow AI-modellek sérülékenysége

Geronimo

M-Trends 2024

Geronimo

GuptiMiner

Geronimo

News

News 

There’s never been a better time to get into Fallout 76

Fallout 76 is good now. Actually, it’s always been good.Ars Technica – All contentRead More

Raspberry Pi adds more memory to the Compute Module 4S

Why Germany ditched nuclear before coal—and why it won’t go back

How I optimized an old office space for greater productivity and collaboration

The hyper-clouds are open source’s friends

New Pixel 8a leak suggests major upgrades in almost every way

This $30 USB-C meter will tell you if your iPhone chargers are genuine or not

Russia Vetoed a UN Resolution to Ban Space Nukes

Kiberbiztonsági hírek

Follow Us

Facebook-f

Vendors' news

Malware campaign attempts abuse of defender binaries

Showcasing Artwork by Max for Autism Awareness Month

Sandbox Evasion Techniques – Part 1

SubdoMailing campaign: hijacking domains for spamming | Kaspersky official blog

The Good, the Bad and the Ugly in Cybersecurity – Week 17

Life with the Penguin

Achieving Performant Single-Tenant Cloud Isolation with IBM Cloud Bare Metal Servers, Ubuntu Core, Snaps, and AMD Pensando Elba Data Processing Unit

Hacker’s Corner: Complete Guide to Keylogging in Linux – Part 1

Ubuntu 24.04 Security Enhancements Analyzed

Ubuntu Desktop 24.04 LTS: Noble Numbat deep dive

Canonical releases Ubuntu 24.04 LTS Noble Numbat

Check this out

16 arrests as Vietnamese network smuggling migrants across the English Channel busted

SIRIUS and An Garda Síochána advance collaboration in cross-border access to electronic evidence

SIRIUS and An Garda Siochana advance collaboration in cross border access to electronic evidence

21 arrested in hit against migrant smuggling across the EU-Russian border

9 Georgian nationals arrested for stealing antique books

CERT news

UPDATE Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software: CVSS (Max): 6.0

Siemens RUGGEDCOM APE1808 Devices: CVSS (Max): 10.0

yajl: CVSS (Max): 6.5

Featured categories

News

There’s never been a better time to get into Fallout 76

News

Why Germany ditched nuclear before coal—and why it won’t go back

News

Raspberry Pi adds more memory to the Compute Module 4S

News

How I optimized an old office space for greater productivity and collaboration

IOT

ICS

5G trends

Google’s Nest Secure Has Fully Shut Down: We’ve Got Answers if You’re Worried – CNET

Save Yourself Money Now and Later With 31% Off the Google Nest Thermostat at Amazon – CNET

A Beginner’s Guide to Composting: Everything You Need to Know to Start a Pile – CNET

Get No-Subscription Lorex Cameras for Up to 45% Off at Site-Wide Sale – CNET

Get Up to $80 Off Select Google Nest Devices With Our Exclusive Discount Code – CNET

Grab a New Robot Vacuum and Save Over $300 With These Deals – CNET

This Sale Slashes Eufy Smart Home Devices as Much as 40% – CNET

Blink Outdoor 4 Review: The All-Purpose Outdoor Security Cam – CNET

The Very First Blink Mini 2 Discount Slashes the Price to Just $30 – CNET

Buy an Amazon Echo Smart Speaker and Get a Free TP-Link Smart Bulb as Well – CNET

Dragos reports decline in ransomware attacks on industrial sector amid law enforcement measures

ISA/IEC 62443 and Risk Assessment: New Horizons in the AI Revolution

UK’s NCSC debuts CAF v3.2 to address rising threats to critical national infrastructure, boosts cybersecurity readiness

MITRE’s CREF Navigator aligns with DoD’s CMMC to boost cyber resilience in defense industrial base

Cisco Talos details ArcaneDoor campaign found targeting perimeter network devices across critical infrastructure

Cisco firewalls targeted in sophisticated nation-state espionage hack

iSharing app vulnerabilities put users’ locations at risk

Almost a billion users’ keystrokes possibly leaked by Chinese keyboard apps

Forescout report warns of growing security risks to critical infrastructure as OT/ICS exposed data escalates

US indicts botnet operator

Windows 11 Insider Previews: What’s in the latest build?

Dropbox adds end-to-end encryption for team folders

The unspoken obnoxiousness of Google’s Gemini improvements

Android versions: A living history from 1.0 to 15

Apple reportedly cuts Vision Pro production due to low demand

Google can’t seem to quit cookies, delays killing them again

Windows 10: A guide to the updates

Windows 11: A guide to the updates

The end of non-compete agreements is a tech job earthquake

Gen Z workers pick genAI over managers for career advice

Vulnerabilities

CVE-2024-32491 | Znuny up to 7.0.16 DB.pm FormIDAddFile Filename unrestricted upload (ZSA-2024-01)

CVE-2024-32493 | Znuny up to 6.5.7/7.0.16 AJAX Request ID sql injection

CVE-2024-32492 | Znuny up to 7.0.16 Ticket Detail View cross site scripting

CVE-2023-1000 | cyanomiko dcnnt-py up to 0.9.0 Notification notifications.py main command injection (ID 23)

CVE-2024-4294 | PHPGurukul Doctor Appointment Management System 1.0 view-appointment-detail.php editid resource injection

CVE-2024-31601 | Beijing Panabit Network Software Panalog Big Data Analysis Platform up to 20240323 exportpdf.php Privilege Escalation

CVE-2024-32887 | Sidekiq up to 7.2.3 substr cross site scripting (GHSA-q655-3pj8-9fxq)

CVE-2024-3107 | Spectra Plugin up to 2.12.6 on WordPress path traversal

CVE-2024-32883 | mcu-tools MCUboot up to 1.11.0 integrity check (GHSA-m59c-q9gq-rh2j)

CVE-2024-1584 | Analytify Plugin up to 5.2.1 on WordPress Google Analytics Tracking ID authorization

CVE-2024-3342 | MotoPress Timetable and Event Schedule Plugin up to 2.4.11 on WordPress sql injection

CVE-2024-3553 | Tutor LMS Plugin up to 2.6.2 on WordPress Options Update authorization

CVE-2024-3309 | Qi Addons for Elementor Plugin up to 1.7.0 on WordPress Countdown Widget cross site scripting

CVE-2024-3819 | Jeg Elementor Kit Plugin up to 2.6.4 on WordPress JKit Banner cross site scripting

CVE-2024-3588 | Getwid Plugin up to 2.0.7 on WordPress Countdown cross site scripting

CVE-2024-4291 | Tenda A301 15.13.08.12_multi_TDE01 /goform/setBlackRule formAddMacfilterRule deviceList stack-based overflow

CVE-2024-4292 | Contemporary Controls BASrouter BACnet BASRT-B 2.7.2 Device-Communication-Control Service denial of service

CVE-2024-4293 | PHPGurukul Doctor Appointment Management System 1.0 appointment-bwdates-reports-details.php fromdate/todate cross site scripting

CVE-2024-31551 | CmsEasy 7.7.7.9 GET Request image.admin.php path traversal

CVE-2024-2859 | Brocade SANnav 2.3.0 access control

CVE-2024-3051 | silabs ZIP Gateway SDK up to 7.18.03 Device Reset unusual condition

CVE-2024-3052 | Silabs Z-IP Gateway SDK prior 7.14.00 S2 Nonce Get Command Class unusual condition

CVE-2024-30804 | Asus Fan_Xpert prior 10013 DeviceIoControl Privilege Escalation

CVE-2024-31741 | MiniCMS 1.11 cross site scripting (Issue 49)

CVE-2024-31828 | Lavalite CMS 10.1.0 URL cross site scripting

CVE-2024-25343 | Tenda N300 F3 Security Policy weak password

CVE-2022-48611 | Apple iTunes up to 12.12.3 on Windows Local Privilege Escalation (ID 103001)

CVE-2024-32881 | danswer-ai danswer up to 0.3.62 improper authorization

CVE-2024-32878 | ggerganov llama.cpp gguf_init_from_file missing initialization (b2740)

CVE-2024-31502 | Insurance Management System up to 1.0.0 POST Request /admin/core/new_staff Privilege Escalation