Mar 13, 2024NewsroomPatch Tuesday / Software Update Microsoft on Tuesday released its monthly security update, addressing 61 different security flaws spanning its software, including two critical issues impacting Windows Hyper-V that could lead to denial-of-service (DoS) and remote code execution. Of the 61 vulnerabilities, two are rated Critical, 58 are rated Important, and one is […]
Experts released PoC exploit for critical Progress Software OpenEdge bug Pierluigi Paganini March 11, 2024 Researchers released technical specifics and a PoC exploit for a recently disclosed flaw in Progress Software OpenEdge Authentication Gateway and AdminServer. Researchers from Horizon3.ai have published technical details and a proof-of-concept (PoC) exploit for the critical security flaw CVE-2024-1403 in […]
After teasing its release last fall, Ableton has released the new Ableton Live 12 software – available for purchase on the company’s website and downloadable via your Ableton account if you’ve pre-ordered the program. The company has also published a series of how-to videos, to get to know the program’s major feature updates and additions. It’s […]
Cisco has released free software updates that address the vulnerability described in this advisory. Customers with service contracts that entitle them to regular software updates should obtain security fixes through their usual update channels. Customers may only install and expect support for software versions and feature sets for which they have purchased a license. By […]
Mar 07, 2024NewsroomCyber Espionage / Software Security The China-linked threat actor known as Evasive Panda orchestrated both watering hole and supply chain attacks targeting Tibetan users at least since September 2023. The end of the attacks is to deliver malicious downloaders for Windows and macOS that deploy a known backdoor called MgBot and a previously […]
Kroll has uncovered a sophisticated cyberattack leveraging vulnerabilities in ConnectWise ScreenConnect software to deploy a variant of the BabyShark malware dubbed ToddlerShark. This targeted campaign exploits ScreenConnect flaws in the remote access tool to gain unauthorized access and deliver the malicious payload. Diving into details The North Korean APT group Kimsuky is reportedly exploiting ScreenConnect […]
Malicious software packages are found on public software repositories such as GitHub, PyPI and the npm registry seemingly every day. Attackers use a number of tricks to fool developers or systems into downloading them, or they simply compromise the package developer’s account and update the package with malware. Consequently, the security capabilities of public software […]
The company attributed the infection to software adjustments made by developers to reduce boot times, which inadvertently affected network settings and omitted digital signatures.
What is a hypervisor? A hypervisor is software that facilitates running multiple virtual machines (VMs) with their own operating systems on a single computer host’s hardware. The host machine and its physical hardware resources independently operate one or more VMs as guest operating systems. Multiple guest VMs share the system’s physical compute resources, including processor […]