The OpenSSH maintainers have announced the release of OpenSSH 9.2, which aims to rectify several security vulnerabilities, notably a memory safety issue identified in the OpenSSH server (sshd). This vulnerability, cataloged as CVE-2023-25136, is classified as a pre-authentication double free…
Recent reports have unveiled the resurgence of FinSpy, a notorious surveillance malware, which is now targeting high-profile users via a fresh Adobe Flash zero-day exploit embedded within Microsoft Office documents. This significant threat was uncovered by security experts from Kaspersky…
The recent temporary closure of airspace over El Paso, Texas, and parts of New Mexico has raised concerns regarding the efficacy of the United States’ defenses against drone threats. Initially set to last for 10 days, the Federal Aviation Administration…
Insider Threat Leads to Massive Data Breach in South Korea In a significant breach of financial security, sensitive data from at least 20 million customers was compromised due to the actions of an insider employee in South Korea. The individual,…
Explore key topics such as Data Backup and Recovery, Data Loss Prevention (DLP), and Data Security. Presented by Blancco 60 Minutes As businesses increasingly modernize their infrastructures to meet demands for AI integration, cloud computing, and sustainability, the management of…
Lotus Blossom Hackers Compromise Notepad++ Hosting Infrastructure In a significant cybersecurity incident, the Lotus Blossom attackers have successfully breached the official hosting infrastructure of Notepad++, a widely used text and source code editor. This breach raises concerns for users and…
Multiple Vulnerabilities Identified in Document Management Systems Recent findings have highlighted several security vulnerabilities across prominent open-source and freemium Document Management Systems (DMS) offered by four vendors: LogicalDOC, Mayan, ONLYOFFICE, and OpenKM. These unpatched flaws expose organizations to potentially severe…
A pressing cybersecurity risk has emerged just a year following the notorious Mirai botnet attack, which disrupted numerous Internet services through extensive DDoS attacks. Security researchers are now raising alarms about a new IoT botnet known as “IoT_reaper,” first identified…
Recent Findings on BlackPOS Malware Developer In a significant update from cybersecurity firm IntelCrawler, details have emerged about the individual behind the notorious BlackPOS malware. This malware previously played a crucial role in the data breaches that affected well-known retailers…
Transcript This transcript has been streamlined for clarity. Mathew Schwartz: Hello. I’m Mathew Schwartz from Information Security Media Group, and today I’m joined by Candid Wüest, a prominent security advocate at Xorlab. Candid, it’s a pleasure to have you here.…
