Linux Mint 22.1 is primed and ready for release – and I’m excited
The latest update of the best Linux desktop distro is out and ready to go. Here’s what to expect. Continue reading Linux Mint 22.1 is primed and ready for release – and I’m excited
Fighting to Keep Bluetooth Thermometers Hackable
Back in 2020, we first brought you word of the Xiaomi LYWSD03MMC — a Bluetooth Low Energy (BLE) temperature and humidity sensor that could be had from the usual sources …read more Continue reading Fighting to Keep Bluetooth Thermometers Hackable
The $10 Cyber Threat Responsible for the Biggest Breaches of 2024
You can tell the story of the current state of stolen credential-based attacks in three numbers:
Stolen credentials were the #1 attacker action in 2023/24, and the breach vector for 80% of web app attacks. (Source: Verizon).
Cybersecurity budgets grew… Continue reading The $10 Cyber Threat Responsible for the Biggest Breaches of 2024
Contrast Security AVM identifies application and API vulnerabilities in production
Contrast Security released Application Vulnerability Monitoring (AVM), a new capability of Application Detection and Response (ADR). AVM works within applications to find application and API vulnerabilities in production and correlate those vulnerabili… Continue reading Contrast Security AVM identifies application and API vulnerabilities in production
New UEFI Secure Boot Vulnerability Could Allow Attackers to Load Malicious Bootkits
Details have emerged about a now-patched security vulnerability that could allow a bypass of the Secure Boot mechanism in Unified Extensible Firmware Interface (UEFI) systems.
The vulnerability, assigned the CVE identifier CVE-2024-7344 (CVSS score: 6…. Continue reading New UEFI Secure Boot Vulnerability Could Allow Attackers to Load Malicious Bootkits
6 Strategic Innovations Transforming the Fintech Industry
Technology is changing the global economy, and fintech companies are at the backbone of this transformation. To keep… Continue reading 6 Strategic Innovations Transforming the Fintech Industry
Researchers Find Exploit Allowing NTLMv1 Despite Active Directory Restrictions
Cybersecurity researchers have found that the Microsoft Active Directory Group Policy that’s designed to disable NT LAN Manager (NTLM) v1 can be trivially bypassed by a misconfiguration.
“A simple misconfiguration in on-premise applications can overrid… Continue reading Researchers Find Exploit Allowing NTLMv1 Despite Active Directory Restrictions
Hackers Hide Malware in Images to Deploy VIP Keylogger and 0bj3ctivity Stealer
Threat actors have been observed concealing malicious code in images to deliver malware such as VIP Keylogger and 0bj3ctivity Stealer as part of separate campaigns.
“In both campaigns, attackers hid malicious code in images they uploaded to archive[.]o… Continue reading Hackers Hide Malware in Images to Deploy VIP Keylogger and 0bj3ctivity Stealer
Configuration files for 15,000 Fortinet firewalls leaked. Are yours among them?
A threat actor has leaked configuration files (aka configs) for over 15,000 Fortinet Fortigate firewalls and associated admin and user credentials. The collection has been leaked on Monday and publicized on an underground forum by the threat actor that… Continue reading Configuration files for 15,000 Fortinet firewalls leaked. Are yours among them?
New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344)
ESET researchers have identified a vulnerability (CVE-2024-7344) impacting most UEFI-based systems, which allows attackers to bypass UEFI Secure Boot. The issue was found in a UEFI application signed with Microsoft’s “Microsoft Corporation UEFI CA 2011… Continue reading New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344)