GeekWire
  • HOME
  • NEWS
    • CERT
    • EXPLOITS
    • NCSC
    • NVD
    • SECURELIST
    • US-CERT
  • BLOG
    • Books
    • OSINT
    • Pentest
    • Privacy
  • LABS
  • ARCHIVE
  • ABOUT
    • Privacy Policy
    • Terms of Use
    • External Links
    • Sitemap
  • Exploiting GOG Galaxy XPC service for privilege escalation in macOS

    7 December 2023

    Extending and automating NightHawk with DayBird 13 min read – NightHawk, MDSec’s commercial C2 product, has focused on operational …

    Application Security, Galaxy, GOG, IT, X-Force
  • Think Twice Before Giving Surveillance for the Holidays

    7 December 2023

    With the holidays upon us, it’s easy to default to giving the tech gifts that retailers tend to push on us this time of year: smart …

    Giving, Holidays, IT, Privacy, Security Education
  • Microsoft’s CISO Bret Arsenault to helm Chief Security Advisor position

    7 December 2023

    To fill the vacancy left by Arsenault, Igor Tsyganskiy has been appointed as the new CISO, effective January 1, 2024. Tsyganskiy previously …

    Advisors, CISO, IT, Microsoft, News
  • Russian Star Blizzard hackers linked to efforts to hamper war crimes investigation

    7 December 2023

    Russia’s cyberwar against the west, which accelerated after its 2014 annexation of Crimea, has been executed by a constellation of elite …

    Blizzard, Cybercrime, Espionage, Europe, Politics
  • Akamai discovers Active Directory DNS spoofing exploit

    7 December 2023

    The combination of Domain Name System, Active Directory and the Dynamic Host Configuration Protocol is a potential cybersecurity threat, …

    Akamai, CDN, Cyber, DNS, Domain Name System
  • A guide to avoiding 10 common holiday scams this season

    7 December 2023

    Scammers target people in the following ways. We’re here to help you and yours avoid a heartbreaking holiday …

    BEC, IT, News
  • Attacks against personal data are up 300%, Apple warns

    7 December 2023

    It’s been another bad week in security. Not only do we learn that so-called …

    Apple, Attacks, IT, News
  • New XorDdos-Linked Linux RAT Krasue Targeting Telecom Firms

    7 December 2023

    The Krasue Linux RAT is quite sophisticated, and equipped with the capability to evade detection through Rootkit and RTSP communication. …

    Linux, Malware, New, Targeting, Telecoms
  • US and EU infosec authorities pen intel-sharing pact

    7 December 2023

    The US Cybersecurity and Infrastructure Security Agency (CISA) has signed a working arrangement with its EU counterparts to increase …

    EU, IT, News
  • Piiano Flows Scans for Sensitive Data Leaks in Git Code

    7 December 2023

    When his cybersecurity company NorthBit was acquired by Florida-based augmented reality vendor Magic Leap, Gil Dabah became head of …

    Codes, Compliance, Data, Flows, Git
  • CISA Adds Two Known Exploited Vulnerabilities to Catalog

    7 December 2023

    CISA has added two new vulnerabilities to its 

    US-CERT
  • UK reveals years-long Russian cyber-espionage activities

    7 December 2023

    This probably comes as no surprise to anyone, but Britain’s Foreign Office revealed on Thursday that it has found long-term evidence of …

    Cyber, HubSpot, IT, Microsoft, Russian
{"loadingDistance":1200,"queryId":0,"maxPage":0,"currentPage":1,"urlPattern":"https://geekwire.eu/page/{pageNum}"}

●●●

CookieFree

NVD

  • CVE-2023-36409 – Microsoft Edge (Chromium-based) Information Disclosure Vulnerability …7 November 2023
  • CVE-2023-47272 – Roundcube 1.5.x before 1.5.6 and 1.6.x before 1.6.5 allows XSS via a Content-Type or Conte …6 November 2023
  • CVE-2023-47271 – PKP-WAL (aka PKP Web Application Library or pkp-lib) before 3.3.0-16, as used in Open Jour …6 November 2023
  • CVE-2023-20702 – In 5G NRLC, there is a possible invalid memory access due to lack of error handling. This …6 November 2023
  • CVE-2018-25093 – A vulnerability was found in Vaerys-Dawn DiscordSailv2 up to 2.10.2. It has been rated as …6 November 2023

EXPLOITS

  • Splunk 9.0.5 – admin account take over9 October 2023
  • GLPI GZIP(Py3) 9.4.5 – RCE9 October 2023
  • Shuttle-Booking-Software v1.0 – Multiple-SQLi9 October 2023
  • Atcom 2.7.x.x – Authenticated Command Injection9 October 2023
  • OpenPLC WebServer 3 – Denial of Service9 October 2023

SECURELIST

  • New macOS Trojan-Proxy piggybacking on cracked software6 December 2023
  • BlueNoroff: new Trojan attacking macOS users5 December 2023
  • Kaspersky Security Bulletin 2023. Statistics4 December 2023
  • IT threat evolution in Q3 2023. Non-mobile statistics1 December 2023
  • IT threat evolution Q3 20231 December 2023

Copyright © 2023 GeekWire | Cookie-Free | Privacy Policy | We are not responsible for the content of external sites.