vulnerability

The importance of the Vulnerability Operations Centre for cybersecurity

by
The importance of the Vulnerability Operations Centre for cybersecurity

Traditional cybersecurity is laser-focused on incident detection and response. In other words, it’s built around a Security Operations Centre (SOC). That’s no bad thing in itself. Read between the lines, however, and that assumes we’re waiting on the threats to come to us. With cyber adversaries evolving their tactics through AI, automated ransomware campaigns, and … Read more

Hackers are already attacking this Microsoft SharePoint vulnerability, so patch now

by
Hackers are already attacking this Microsoft SharePoint vulnerability, so patch now

The US Cybersecurity and Infrastructure Security Agency (CISA) has added a new Microsoft Sharepoint Server vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, signaling that hackers have begun exploiting it in the wild. The vulnerability is tracked as CVE-2023-24955, and carries a severity score of 7.2. It is described as a critical remote code execution … Read more

Apple Silicon Vulnerability Allows Hackers to Extract Encryption Keys

by
Apple Silicon Vulnerability Allows Hackers to Extract Encryption Keys

An unpatchable vulnerability has been discovered in Apple’s M-series chips that allows attackers to extract secret encryption keys from Macs under certain conditions, according to a newly published academic research paper. Named “GoFetch,” the type of cyber attack described involves Data Memory-Dependent Prefetchers (DMPs), which try to predict what data the computer will need next … Read more

Another Microsoft vulnerability is being used to spread malware

by
Another Microsoft vulnerability is being used to spread malware

Hackers are using a novel phishing technique to deliver remote access trojans (RAT) to unsuspecting victims. According to the report, published this Monday, threat actors are using a technique called Object Linking and Embedding (OLE). This is a Windows feature that allows users to embed and link documents within documents, resulting in compound files with … Read more

ASUSTOR Severe Vulnerability Detected – update Surveillance Center now

by
ASUSTOR Severe Vulnerability Detected – update Surveillance Center now

ASUSTOR has released an emergency update for its Surveillance Center software after discovering a severe vulnerability that could allow attackers to gain elevated privileges and execute malicious code on the ADM platform. The company has released an urgent security update for its Surveillance Center software, which is a critical move to address a serious vulnerability … Read more

ZOOM VISS vulnerability impact scoring system announced

by
ZOOM VISS vulnerability impact scoring system announced

The digital landscape, ever expanding and evolving, has given rise to an increasing number of security vulnerabilities. To address this issue, a new open-source project called the Vulnerability Impact Scoring System (VISS) has been introduced. VISS is designed to enhance security measures by providing a unique assessment tool that measures the impact of vulnerabilities from … Read more