Security

"Marvin" breathes new life into Bleichenbacher's timing oracle attack

"Marvin" breathes new life into Bleichenbacher's timing oracle attack

RSA PKCS#1 v1.5 encryption is ancient and should not be used.
Sep 27 2023 12:24PM
Salesforce cloud outage caused by security change

Salesforce cloud outage caused by security change

Goes public with post-mortem.
Sep 27 2023 12:23PM
Juniper Networks acknowledges new spin on firewall vulnerability

Juniper Networks acknowledges new spin on firewall vulnerability

Patches against fileless RCE.
Sep 27 2023 12:23PM
Philippine Health Insurance Corporation probes cyber attack

Philippine Health Insurance Corporation probes cyber attack

Implements containment measures following Medusa ransomware breach.
Sep 25 2023 9:53AM
GitLab patches critical vulnerability

GitLab patches critical vulnerability

Attacker could imitate other users.
Sep 20 2023 3:16PM
Google warns security researchers of North Korean campaign

Google warns security researchers of North Korean campaign

Attackers used as-yet-unpatched zero-day.
Sep 11 2023 11:25AM
Cisco SSO authentication bug patched

Cisco SSO authentication bug patched

BroadWorks platforms vulnerable.
Sep 7 2023 3:23PM
Crash log exposed Microsoft Outlook keys to threat actor

Crash log exposed Microsoft Outlook keys to threat actor

How July’s Storm-0558 attack happened.
Sep 7 2023 3:22PM
Palo Alto Networks closes door on TunnelCrack

Palo Alto Networks closes door on TunnelCrack

Configuration checks needed, rather than patches.
Aug 23 2023 11:55AM
Singapore enhances OT security through international partnerships

Singapore enhances OT security through international partnerships

Teams up with Dragos and CISA.
Aug 23 2023 9:35AM
North Korean hackers target US-South Korea military drills

North Korean hackers target US-South Korea military drills

Police say no classified information has been compromised.
Aug 21 2023 12:00PM
US cyber body to review cloud computing safety, Microsoft breach

US cyber body to review cloud computing safety, Microsoft breach

Imperative that we understand the vulnerabilities, says DHS.
Aug 14 2023 1:12PM
Azure bug allowed password theft, researcher says

Azure bug allowed password theft, researcher says

Tenable CEO critical of slow fix, transparency.
Aug 7 2023 1:26PM
Credential issues accounted for over half of cloud compromises in Q1 2023

Credential issues accounted for over half of cloud compromises in Q1 2023

Requires strong identity management to mitigate risks, says report.
Aug 7 2023 10:14AM
Microsoft says Russia-linked hackers behind Teams phishing attacks

Microsoft says Russia-linked hackers behind Teams phishing attacks

Have affected "fewer than 40 global organisations".
Aug 4 2023 10:59AM
Ivanti endpoint security needs security upgrade

Ivanti endpoint security needs security upgrade

Older MobileIron appliances had exploitable API.
Aug 3 2023 2:40PM
Salesforce email compromised for phishing attacks

Salesforce email compromised for phishing attacks

Now patched against "Phishforce".
Aug 3 2023 2:39PM
Cloud company assisted 17 different government hacking groups

Cloud company assisted 17 different government hacking groups

US researchers publish findings.
Aug 2 2023 12:27PM
Chipmakers signal supply glut easing

Chipmakers signal supply glut easing

But demand recovery still slow.
Jul 31 2023 12:34PM
Meta plans retention "hooks" for Threads

Meta plans retention "hooks" for Threads

As more than half of users leave app.
Jul 31 2023 12:32PM