A spearphishing campaign targeting management teams associated with an Azerbaijanian company exploits the conflict between Azerbaijan and Armenia, using malware disguised as an infected memo to gather basic computer information from its targets.
It is no secret that the cyber security industry stands at the precipice of an acute skills gap. While the global economy clamors for 3.4 million cyber security experts, the demand heavily outweighs the supply. The lack of talented humans in a cyber security team – or an entirely non-existent team – could have devastating […]
Researchers who discovered two critical vulnerabilities in Microsoft SharePoint Server have released details of an exploit they developed that chains the two vulnerabilities together to enable remote code execution on affected servers. Separately, another security researcher this week posted proof-of-concept code on GitHub for one of the SharePoint vulnerabilities that shows how an attacker could […]
Mozilla on Tuesday announced security updates for both Firefox and Thunderbird, addressing a total of nine vulnerabilities in its products, including high-severity flaws. Firefox 118 was released to the stable channel with patches for all nine vulnerabilities – all are memory issues, most of which could lead to exploitable crashes. Tracked as CVE-2023-5168 and CVE-2023-5169, […]
Cloud detection and response company Gem Security today announced that it has raised a $23 million Series A round led by GGV Capital, with participation from IBM Ventures and Silicon Valley CISO Investments. It was only in February that Gem announced its $11 million seed round led by Team8, which also participated in this new […]
Sep 28, 2023THNZero Day / Vulnerability Google on Wednesday rolled out fixes to address a new actively exploited zero-day in the Chrome browser. Tracked as CVE-2023-5217, the high-severity vulnerability has been described as a heap-based buffer overflow in the VP8 compression format in libvpx, a free software video codec library from Google and the Alliance […]
Collaboration is a dream of a lifetime, says Orbit William Orbit Legendary space rockers Hawkwind have announced an unexpected special guest will be joining their ranks at their London Royal Albert Hall show this Friday (September 29) – rave-era hero and producer William Orbit. Orbit says of the collaboration: “The first LP I ever bought […]
Multinational technology company Sony has allegedly been the victim of a data breach, with various hacking gangs attempting to take credit for the hack. The company has said it is investigating the claims made by multiple malicious groups which saw 3.14GB of data allegedly belonging to Sony posted on dark web hacking sites. Extortion group […]
The attack involves creating fake commit messages titled “fix” to introduce malware that extracts secrets from targeted repositories and steals passwords from web-form submissions.