Cyber Security
A free unofficial patch has been released for an actively exploited zero-day that allows files signed with malformed signatures to bypass Mark-of-the-Web security warnings...
Hi, what are you looking for?
A free unofficial patch has been released for an actively exploited zero-day that allows files signed with malformed signatures to bypass Mark-of-the-Web security warnings...
A new open-source ‘S3crets Scanner’ scanner allows researchers and red-teamers to search for ‘secrets’ mistakenly stored in publicly exposed or company’s Amazon AWS S3...
NIST advisors debating the merits of OMB’s policy on software vendors’ “self-attestation” to secure development practices found common ground on a need for audits...
Developers of the OpenSSL cryptography library have taken the unusual step of pre-warning that an update due to land next Tuesday (November 1) will fix a...
VMWare has patched a critical vulnerability in the management service for NSX, its network virtualization and security platform. The vulnerability, caused by an old...
A new set of documents and resources from the agency is designed to help critical infrastructure operators manage the basics of cybersecurity. The Cybersecurity...
A flaw in GitHub’s namespace retirement feature could have allowed attackers to potentially access another user’s repository. Coined ‘repojacking’ by researchers from Checkmarx, the...
Initial baselines address Microsoft services, and baselines for configuring rival services from Google are up next. The Cybersecurity and Infrastructure Security Agency is inviting...
A pair of vulnerabilities patched in Jira Align could in the “worst-case scenario” be combined by low-privileged malicious users to target Atlassian’s cloud infrastructure,...
Fortinet is urging customers to patch a critical authentication bypass vulnerability that has already been exploited in the wild. Earlier this month, the networking vendor patched...