Aggregator

Cybersecurity experts have uncovered a series of attacks targeting organizations in Kazakhstan by a threat actor dubbed “Bloody Wolf.” The group utilizes STRRAT, an inexpensive but potent malware available on underground forums for as little as $80. Since late 2023, researchers at BI.ZONE Threat Intelligence has been tracking Bloody Wolf’s activities. The attackers employ sophisticated […]

The post Bloody Wolf Attacking Organizations With $80 Malware From Underground Market appeared first on Cyber Security News.

In a nutshell:The ACCDE format is rarely abused by attackers: not a single ACCDE file upload

A novel Linux kernel exploit technique called SLUBStick has proven to be 99% successful running the kind of attacks that in the past had a success rate of about 40% and allows bad actors to take total control of a system.

The post Novel SLUBStick Linux Exploit Gives Attackers Full System Control appeared first on Security Boulevard.

A newly discovered technique for exploiting flaws in the Linux kernel could allow bad actors to byp

Articles related to cyber risk quantification, cyber risk management, and cyber resilience.

The post Leveraging CRQ to Comply With DORA Regulations | Kovrr appeared first on Security Boulevard.

‍TL;DR‍Digital transactions, both large and small, have become the dominant method of managing

Вредоносное ПО шпионит за Android-пользователями с 2021 года.

1234 hello world

守护国家能源安全！

A vulnerability was found in Korenix JetPort 5601v3 up to 1.2 and classified as problematic. This issue affects some unknown processing. The manipulation leads to missing encryption of sensitive data. The identification of this vulnerability is CVE-2024-7396. The attack may be initiated remotely. There is no exploit available.

A vulnerability has been found in Korenix JetPort 5601v3 up to 1.2 and classified as very critical. This vulnerability affects unknown code. The manipulation leads to command injection. This vulnerability was named CVE-2024-7397. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in Arm Bifrost GPU Kernel Driver, Valhall GPU Kernel Driver and 5th Gen GPU Architecture Kernel Driver up to r49p0. This affects an unknown part. The manipulation leads to use after free. This vulnerability is uniquely identified as CVE-2024-2937. The attack needs to be approached locally. There is no exploit available.

A vulnerability, which was classified as critical, has been found in Arm Bifrost GPU Kernel Driver, Valhall GPU Kernel Driver and 5th Gen GPU Architecture Kernel Driver up to r49p0. Affected by this issue is some unknown functionality. The manipulation leads to use after free. This vulnerability is handled as CVE-2024-4607. It is possible to launch the attack on the local host. There is no exploit available.

A vulnerability classified as very critical was found in Korenix JetPort 5601v3 up to 1.2. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper authentication. This vulnerability is known as CVE-2024-7395. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Red Hat Enterprise Linux and Enterprise Linux Advanced Virtualization. Affected is an unknown function of the component libnbd. The manipulation leads to improper certificate validation. This vulnerability is traded as CVE-2024-7383. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in LibreOffice up to 24.2.4. It has been rated as problematic. This issue affects some unknown processing of the component Signed Macro Handler. The manipulation leads to improper certificate validation. The identification of this vulnerability is CVE-2024-6472. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

There is only a few days left to get $300 off the standard conference price at mWISE. Learn more from mWise 2024 about how to get the discount and the upcoming cybersecurity sessions. [...]

Adopting a military mindset toward cybersecurity means the industry moves beyond the current network protection strategies and toward a data-centric security approach.

This year at Black Hat USA, Trend Micro’s Zero Day Initiative (ZDI) will award our inaugural Vang