Shaarli Daily

All links from one day on a single page.

January 3, 2024

The State of Ransomware in the U.S.: Report and Statistics 2023

The U.S. was bombarded by financially-motivated ransomware attacks throughout 2023. This report looks at the numbers, the costs and the solution.

Qualcomm chip vulnerability enables remote attack by voice call

The critical bug that could lead to a remote attack via voice call is one of 26 vulnerabilities affecting hundreds of Qualcomm chipsets.

Cactus RANSOMWARE gang hit the Swedish retail and grocery provider Coop

The Cactus ransomware group claims to have hacked Coop, one of the largest retail and grocery providers in Sweden.

The biggest cybersecurity and cyberattack stories of 2023

2023 was a big year for cybersecurity, with significant cyberattacks, data breaches, new threat groups emerging, and, of course, zero-day vulnerabilities.

The city of Nyon is looking for a SOC

A security operations center (SOC) is essential for continuously monitoring cyber threats and being able to respond quickly to an incident. The city of Nyon has launched

Porsche To Kill ICE-Powered Macan In Europe Over Cybersecurity Laws | Carscoops

Porsche's best-selling model will be discontinued from markets within the European Union in spring of 2024

smith (CVE-2023-32434)

This write-up presents an exploit for a vulnerability in the XNU kernel:

  • Assigned CVE-2023-32434.

  • Fixed in iOS 16.5.1 and macOS 13.4.1.

  • Reachable from the WebContent sandbox and might have been actively exploited.

    *Note that this CVE fixed multiple integer overflows, so it is unclear whether or not the integer overflow used in my exploit was also used in-the-wild. Moreover, if it was, it might not have been exploited in the same way.

The exploit has been successfully tested on:

  • iOS 16.3, 16.3.1, 16.4 and 16.5 (iPhone 14 Pro Max)

  • macOS 13.1 and 13.4 (MacBook Air M2 2022)

All code snippets shown below are from xnu-8792.81.2.

D-Link D-View 8 Unauthenticated Probe-Core Server Communication

A security issue exists in D-Link D-View 8 v2.0.2.89 and prior that could allow an attacker to manipulate the probe inventory of the D-View service. This could result in the disclosure of info

Downfall - A Slay the Spire Fan Expansion :: Downfall (Steam Standalone) was Breached. Please read.

UPDATE 12/29 - While there are no new alerts regarding the Steam product or risk of downloads, the Discord account remains compromised. I have reports that the account is trying to DM people and either send malware to them impersonating themselves as a developer, or trying to gain sensitive information. Do not engage with this account and absolutely do not click on any links sent.

Serbia Stays Silent About Alleged Ransomware Attack on EPS

Authorities have declined to comment on the reported ransomware attack ten days on Serbia's public energy company EPS.

Cyber attacks hit the Assembly of the Republic of Albania and telecom company One Albania

Cyber attacks hit the Assembly of the Republic of Albania and telecom company One Albania, a government agency reported.

CVE-2023-46747 : Unauthenticated Remote Code Execution in F5 BIG-IP - Malware Analysis - Malware Analysis, News and Indicators

On 26th October, 2023 F5 released a security advisory about a critical unauthenticated remote code execution vulnerability, CVE-2023-46747, in F5’s BIG-IP configuration utility. This vulnerability could allow unauthent…

After ransomware claims, Xerox says subsidiary hit with cyberattack

The printing and business services giant said its XBS division "experienced a security incident." A cybercrime gang called INC said it was responsible.