BLint is a Binary Linter designed to evaluate the security properties and capabilities of executable files. It utilizes LIEF (Library for Executable and Instrumentation Format) for its operations.
The D-Link EXO AX4800 (DIR-X4860) router is vulnerable to remote unauthenticated command execution that could lead to complete device takeovers by attackers with access to the HNAP port.
The threat actors then call the impacted users, posing as members of the organization’s IT team, and attempt to socially engineer the users into providing remote access to their computers through the use of legitimate RMM solutions.
Authorities have identified Dmitry Yuryevich Khoroshev, a Russian man, as the alleged leader of the infamous LockBit ransomware group, which has extorted over $500 million from hundreds of victim organizations over the past four years.
NIST has only analyzed 2 of the nearly 2,000 new vulnerabilities received in May. The backlog is attributed to an increase in software and vulnerabilities, as well as a change in interagency support, according to NIST.
A Dutch court on Tuesday sentenced one of the co-founders of the now-sanctioned Tornado Cash cryptocurrency mixer service to 5 years and 4 months in prison. While the name of the defendant was redacted in the verdict, it’s known that Alexey Pertsev, a 31-year-old Russian national, has been awaiting trial in the Netherlands on money laundering charges.
The EMB3D model provides a common understanding of cyber threats to embedded devices and the security mechanisms needed to mitigate them. It is based on observations of threat actor activities, security research, and device vulnerability reports.
Microsoft has addressed a total of 61 new security flaws in its software as part of its Patch Tuesday updates for May 2024, including two zero-days which have been actively exploited in the wild. Of the 61 flaws, one is rated Critical, 59 are rated Important, and one is rated Moderate in severity. This is in addition to 30 vulnerabilities&
The UK’s National Health Service (NHS) is warning of possible exploitation attempts targeting vulnerabilities in the Arcserve Unified Data Protection (UDP) software, which were disclosed in March and had PoC exploit code released shortly after.