Security Bulletin

The security vendor has also implemented several changes to protect against the kind of snafu that crashed 8.5 million Windows computers worldwide last month.

The RISC-V platform has found itself presented with a new security flaw based within the hardware of some CPUs.

During a "Shark Tank"-like final, each startup's representative spent five minutes detailing their company and product, with an additional five minutes to take questions from eight judges from Omdia, investment firms, and top companies in cyber.

Black Hat USA 2024 kicks off with powerhouse panel waxing on election integrity.

The “Shadow Resource” flaws enabled attackers to pre-claim other users’ S3 buckets as their own.

CrowdStrike admitted in its root cause analysis that a lack of proper testing was part of the cause of the outage.

The evolving malware is targeting hospitality and other B2C workers in Canada and Europe with capabilities that can evade Android 13 security restrictions.

See how to set up a working Auto-VPN architecture in a multi-cloud environment (AWS and Google Cloud). This guide provides actionable steps and techniques for designing and deploying Meraki vMX in a multi-cloud environment.

Infiltration of several Advanced health and care systems through a customer account without multi-factor authentication resulted in the widespread disruption of NHS services that lasted for weeks.

Aside from inconsistencies between Content Validator inputs and those received by the Content Interpreter, such an issue was also caused by an out-of-bounds flaw in the Content Interpreter and inadequate testing, according to a root cause analysis...

Such a security issue — which is a patch bypass for the already addressed path traversal flaw, tracked as CVE-2024-36104 — stems from an authentication mechanism vulnerability enabling unauthenticated access to critical endpoints.

Already exploited by attackers is the "LNK Stomping" method, which involves a Windows shortcut file management vulnerability that disregards Windows Mark of the Web, according to an Elastic Security Labs analysis.