Sat. Feb 10, 2024

Google Chrome Zero-Day PoC Code Released

Penetration Testing

Proof-of-concept (PoC) exploit code and technical details have been made available for a zero-day security flaw, tracked as CVE-2022-4262 (CVSS 8.8), affecting Google Chrome. The heart of this vulnerability lies within the Chrome... The post Google Chrome Zero-Day PoC Code Released appeared first on Penetration Testing.

CISA adds Fortinet FortiOS bug to its Known Exploited Vulnerabilities catalog

Security Affairs

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiOS bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Fortinet FortiOS Out-of-Bound write vulnerability, tracked as CVE-2024-21762, to its Known Exploited Vulnerabilities (KEV) catalog. This week Fortinet warned that the recently discovered critical remote code execution vulnerability in FortiOS SSL VPN, tracked as CVE-2024-21762 (CVSS score

VPN 144

Breaking News: Namecheap Hit by DDoS Attacks

Penetration Testing

Today, one of the internet giants, Namecheap has been hit by a series of DDoS attacks that threaten to disrupt its operations. Namecheap, an ICANN-accredited domain name registrar, and web hosting company, stands as... The post Breaking News: Namecheap Hit by DDoS Attacks appeared first on Penetration Testing.

DDOS 120

macOS Backdoor RustDoor likely linked to Alphv/BlackCat ransomware operations

Security Affairs

Bitdefender researchers linked a new macOS backdoor, named RustDoor, to the Black Basta and Alphv/BlackCat ransomware operations. Researchers from Bitdefender discovered a new macOS backdoor, dubbed RustDoor, which appears to be linked to ransomware operations Black Basta and Alphv/BlackCat. RustDoor is written in the Rust language and supports multiple features.

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Electron Team Addresses “runAsNode” CVE Misconceptions

Penetration Testing

In the ever-evolving realm of software development, security remains at the forefront of priorities, especially when vulnerabilities are reported. Recently, the Electron development team faced a storm of concern following the disclosure of several... The post Electron Team Addresses “runAsNode” CVE Misconceptions appeared first on Penetration Testing.

Raspberry Robin malware evolves with early access to Windows exploits

Bleeping Computer

Recent versions of the Raspberry Robin malware are stealthier and implement one-day exploits that are deployed only on systems that are susceptible to them.

Malware 107

More Trending

Surfshark CleanWeb Review 2024: Ultimate Ad Blocker

SecureBlitz

Here is the Surfshark CleanWeb review… Anyone would agree that browsing with ads at every scroll can be annoying. That’s why ad blockers are popular today. But imagine having a VPN plus ad blocker all in one? That’s what you get with Surfshark CleanWeb. Surfshark CleanWeb works as an ad blocker feature integrated into the […] The post Surfshark CleanWeb Review 2024: Ultimate Ad Blocker appeared first on SecureBlitz Cybersecurity.

VPN 87

The Invisible Threat: KV-botnet Infects SOHO Devices Worldwide

Penetration Testing

A new menace emerged, dubbed “KV-botnet,” this sophisticated malware network was identified by Lumen’s Black Lotus Labs, revealing a covert operation that had infected small-office and home-office routers and firewall devices globally. The KV-botnet... The post The Invisible Threat: KV-botnet Infects SOHO Devices Worldwide appeared first on Penetration Testing.

UK to replace physical biometric immigration cards with e-visas

Bleeping Computer

By 2025, Britain is set to ditch physical immigration documents like Biometric Residence Permits (BRPs) and Biometric Residence Cards (BRCs) in a bid to make its borders digital, in line with developed countries like Australia. Understand what these Home Office changes mean for existing BRP and BRC holders, and what you need to do.

KiTTY Triple Threat: Millions of Users Exposed to RCE Flaws, No Patch Available!

Penetration Testing

Security researcher Austin A. DeFrancesco, known as DEFCESCO, recently revealed a trio of vulnerabilities in KiTTY, a popular fork of the renowned PuTTY SSH and telnet client. With over 20 million downloads worldwide, KiTTY’s... The post KiTTY Triple Threat: Millions of Users Exposed to RCE Flaws, No Patch Available! appeared first on Penetration Testing.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Identification Documents: an Obsolete Fraud Countermeasure

Security Boulevard

When I'm talking to bankers and other fraud fighters, I often mention how easy it is for a criminal to obtain a Drivers License bearing any information they desire. I was reminded of this again as I saw the sentencing of Desmond Nkwenya from Brookhaven, Georgia this week. The DOJ press release from the Eastern District of Virginia released 09FEB2024 was entitled "Four Members of Bank Fraud Ring Sentenced.

Banking 72

How 3 Million ‘Hacked’ Toothbrushes Became a Cyber Urban Legend

WIRED Threat Level

Plus: China’s Volt Typhoon hackers lurked in US systems for years, the Biden administration’s crackdown on spyware vendors ramps up, and a new pro-Beijing disinformation campaign gets exposed.

Spyware 136

List of IT Audit Professional Bodies & Certifications

Security Boulevard

The below list covers the key professional bodies and certifications to consider as part of an IT Audit career. Bear in mind that there are many different routes and the qualifications that are right for you will depend on your interests, professional background, current role, and goals. Academic study is also very valuable, in particular any bachelors or masters degree.

USENIX Security ’23 – Measuring Up To (Reasonable) Consumer Expectations: Providing An Empirical Basis For Holding IoT Manufacturers Legally Responsible

Security Boulevard

Authors/Presenters: Lorenz Kustosch, Carlos Gañán, Mattis van 't Schip, Michel van Eeten, Simon Parkin. Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organization's strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott; and via the organization's YouTube channel.

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Facebook fake videos

Security Boulevard

I have spent a not-very-happy time this morning, besieged by Facebook group posts passed off as porn videos and trying to get rid of them. In fact, it’s unlikely that they’re either porn or videos: they’re bot postings of malicious links that are probably intended to steal credentials. It’s not just fake porn that infests […] The post Facebook fake videos appeared first on Security Boulevard.

Scams 111