Collaborate Disseminate
A joint advisory issued by Australia, Canada, New Zealand, and the U.S. has warned of a broad cyber espionage campaign undertaken by People’s Republic of China (PRC)-affiliated threat actors targeting telecommunications providers.
“Identified exploitat… Continue reading Joint Advisory Warns of PRC-Backed Cyber Espionage Targeting Telecom Networks
The crystal radio is a time-honored build that sadly doesn’t get much traction anymore. Once a rite of passage for electronics hobbyists, the classic coil-on-an-oatmeal-carton and cat’s whisker design just …read more Continue reading Fail of the Week: The SMD Crystal Radio That Wasn’t
Today, we’re happy to welcome the 37th government to have full and free access to domain searches of their gov domains in Have I Been Pwned, Armenia. Armenia’s National Computer Incident Response Team AM-CERT now joins three dozen other national counterparts in gaining visibility into how
Continue reading Welcoming the Armenian Government to Have I Been Pwned
The Department of Government Efficiency, headed by Elon Musk and Vivek Ramaswamy, appears to be signaling its intention to tackle daylight saving time. Musk has indicated support for ending semiannual clock changes in recent days on his social media pl… Continue reading Musk Signals Fresh Push To End US Daylight Saving Time
Veeam has released security updates to address a critical flaw impacting Service Provider Console (VSPC) that could pave the way for remote code execution on susceptible instances.
The vulnerability, tracked as CVE-2024-42448, carries a CVSS score of 9… Continue reading Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console
SafeLine is an open-source and self-hosted Web Application Firewall (WAF) that protects websites from cyber attacks. “SafeLine WAF was created to protect web applications for small and medium-sized enterprises from cyber threats by monitoring and… Continue reading SafeLine: Open-source web application firewall (WAF)
An anonymous reader shares a report: Meta is mistakenly removing too much content across its apps, according to a top executive. Nick Clegg, Meta’s president of global affairs, told reporters on Monday that the company’s moderation “error rates are sti… Continue reading Meta Says It’s Mistakenly Moderating Too Much
A critical security vulnerability has been disclosed in SailPoint’s IdentityIQ identity and access management (IAM) software that allows unauthorized access to content stored within the application directory.
The flaw, tracked as CVE-2024-10905, has a … Continue reading Critical SailPoint IdentityIQ Vulnerability Exposes Files to Unauthorized Access
Cybersecurity researchers have called attention to a novel phishing campaign that leverages corrupted Microsoft Office documents and ZIP archives as a way to bypass email defenses.
“The ongoing attack evades #antivirus software, prevents uploads to san… Continue reading Hackers Use Corrupted ZIPs and Office Docs to Evade Antivirus and Email Defenses
The geographic distribution of open-source contributions introduces geopolitical risks that organizations must urgently consider, especially with rising nation-state attacks, according to Lineaje. Open-source code risks rise with anonymous contribution… Continue reading 70% of open-source components are poorly or no longer maintained