Friday, February 3, 2023
Latest:
Editors' Pick 

MalVirt loader a Formbook malware-t terjeszti

Geronimo

A SentinelLabs a Formbook családhoz tartozó infostealer rosszindulatú programokkal kapcsolatban azonosította a MalVirt loadert egy folyamatban lévő kampány részeként. Az Office-makrók helyett

Exporttilalom a Huawei részére

Geronimo

Zsarolóvírus trendek 2023-ra

Geronimo

Kritikus OpenEMR sérülékenységek

Geronimo

ImageMagick sérülékenységei

Geronimo

News

News 

Sniffing Authentication References on macOS

CVE-2017-7170 was a local priv-esc vulnerability that affected OSX/macOS for over a decade! Here (for the first time!), we dive

Weaponizing a Lazarus Group Implant

Cache Me Outside

Getting Root with Benign AppStore Apps

Who Moved My Pixels?!

Awareness Corner

Follow Us

Facebook-f

Vendors' news

Taking the next step: OSS-Fuzz in 2023

Yanac

Detecting credential access without losing cred

Yanac

Password-stealing “vulnerability” reported in KeePass – bug or feature?

Yanac

Password-stealing “vulnerability” reported in KeePass – bug or feature?

Yanac

OneNote Documents Increasingly Used to Deliver Malware

Yanac

Life with the Pengiun

From model-centric to data-centric MLOps

Intel’s “DOITM” Security Feature Not Intended For Always-On Use, Linux Patches To Be Revised

Linux Foundation Launches Open Source Metaverse Group to Drive Interoperability

Red Hat Enterprise Linux arrives in Oracles cloud

Microsoft Upgrades Defender to Lock Down Linux Gear for its Own Good

Check this out

Capture22 photo competition: celebrating hard work and dedication

23 arrested in Spanish football match-fixing probe

Cybercriminals stung as HIVE infrastructure shut down

Successful takedown of drug trafficking network in Italy and Albania

Outstanding results for the 2022 EU Most Wanted campaign

CERT news

“Citrix Gateway and Citrix ADC Security Bulletin for CVE-2022-27510 CVE-2022-27513 and CVE-2022-27516” One of the C… https://t.co/JkpigsMiDw

RT @LU_CIX: Join us next week at the #Luxembourg #Internet Days for the speech of Jean-Louis HUYNEN from @circl_lu on how to model and shar…

The MeliCERTes project is concluding after 3-years of hard work to create an open platforms to collaborate on cyber… https://t.co/a5ZXDDwQOi

Featured categories

Security Vulns 

CVE-2023-24144

Security Vulns 

CVE-2023-24145

Security Vulns 

CVE-2023-24147

Security Vulns 

CVE-2023-24149

IOT

ICS

5G trends

One of Our Favorite Smart Scales Is 25% Off Today Only – CNET

Samsung’s SmartThings Station Is Ready for Your iOS Devices – CNET

Best Smoke Detector for 2023 – CNET

This $121 Philips Hue Entertainment Bundle Lights Your Space for Less – CNET

How to Extend Your Wi-Fi Outdoors – CNET

IoTDAY 2023

Emerging Startups 2023: Top Internet of Things Infrastructure Startups

Nab a Wired Ring Video Doorbell for Just $39 Right Now at Amazon – CNET

Apple Is Reportedly Developing More Smart Home Products – CNET

Outfit Your Home With TP-Link Smart Home and Router Deals With Up to 53% Off – CNET

Lawmakers ask DOE for documents related to cyberattack on nuclear research laboratories by Russian hackers

Multiple Ransomware Attacks on Artillery Contractors

New CISC document focuses on risk assessment advisory for communications sector

The need for correct, authenticated pressure measurements for reliability, safety, and cyber security

GAO finds challenges in protecting federal systems and information, calls for increased implementation

NIST releases voluntary PNT Profile to mitigate potential impacts of disruption or manipulation

Recorded Future releases cyber threat analysis covering cybercrime, Russian state, and Ukraine war

HC3, AHA warn of pro-Russian KillNet hacktivist group targeting healthcare sector using DDoS attack technique

JCDC 2023 Planning Agenda to address systemic risk, collective cyber response, high-risk communities

CISA MITRE ATT&CK for ICS focuses on adversarial tactics, techniques disrupting industrial control process

Bite Lithuania claims 5G speed record ahead of launch

Finland and South Korea to collaborate on 6G

ETNO says Europe’s 5G rollout is lagging behind global peers

European Commission launches second call for 6G projects

Vodafone UK trials standalone 5G

European Commission to fund 5G research for defence applications

German telecoms regulator reviews 5G coverage targets

France issues €750 million call for 5G and 6G projects

Spain to offer up €60 million for 5G projects

A1 Slovenia records a 45% increase in data usage in 2022

Vulnerabilities

CVE-2023-24147

CVE-2023-24145

CVE-2023-24144

CVE-2023-24151

CVE-2023-24150

CVE-2023-24148

CVE-2023-24149

CVE-2023-24152

CVE-2023-24155

CVE-2023-24153

CVE-2023-24154

Le ransomware Nevada attaque les clients ESXi des hébergeurs français

Cisco исправила ошибку, позволяющую сохранять бэкдор даже при обновлении

CVE-2023-24157

CVE-2023-24156

11:40 ET The Worldwide Blockchain Industry is Anticipated to Reach $68.7 Billion by 2027 at a CAGR of 69.8%

11:40 ET The Worldwide Blockchain Industry is Anticipated to Reach $68.7 Billion by 2027 at a CAGR of 69.8%

11:40 ET The Worldwide Blockchain Industry is Anticipated to Reach $68.7 Billion by 2027 at a CAGR of 69.8%

11:40 ET The Worldwide Blockchain Industry is Anticipated to Reach $68.7 Billion by 2027 at a CAGR of 69.8%

CERTFR-2023-ACT-007 : Bulletin d’actualité CERTFR-2023-ACT-007 (03 février 2023)

CVE-2022-48074 | NoMachine up to 8.2.2 NXS File Privilege Escalation

CVE-2022-48022 | Zammad 5.3.0 Ticket /api/v1/mentions permission

CVE-2022-48021 | Zammad 5.3.0 Message Privilege Escalation

CVE-2022-47131 | Academy LMS up to 5.9 cross-site request forgery

CVE-2022-4714 | WP Dark Mode up to 3.0.6 on WordPress Shortcode cross site scripting

CVE-2023-23636 | Jellyfin up to 10.8.3 Playlist Name cross site scripting (ID 3788)

CVE-2023-23635 | Jellyfin up to 10.8.3 Collection Name cross site scripting (ID 3788)

CVE-2022-47132 | Academy LMS up to 5.9 Add Administrator cross-site request forgery

Remote Code Execution Vulnerability in Atom CMS 2.0 (CVE-2022-25487)

CVE-2022-4897 | BackupBuddy Plugin up to 8.8.2 on WordPress cross site scripting