Security researchers at Varonis Threat Labs have identified a subtle but significant vulnerability in Microsoft’s AppLocker security feature that could allow malicious applications to bypass […]
Is AI here to take or redefine your cybersecurity role?
“AI is coming, and will take some jobs, but no need to worry.” That headline ran atop a CSO story published in 2016. Nine years […]
CISA Issues Alert on Microsoft SharePoint 0-Day RCE Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent security alert regarding a critical zero-day vulnerability in Microsoft SharePoint Server that is being […]
Hacker greifen über Microsoft-Lücke an
Über eine Sicherheitslücke in SharePoint haben Hacker zahlreiche Behörden und Unternehmen angegriffen. T. Schneider – Shutterstock.com IT-Sicherheitsexperten schlagen Alarm, weil Behörden und Unternehmen über eine […]
From hardcoded credentials to auth gone wrong: Old bugs continue to break modern systems
At a time when AI-powered cyber threats and sophisticated state-backed hacking groups dominate the headlines, the lack of elementary security continues to pose as the […]
MAD warnt vor russischer Spionage
Der Militärische Abschirmdienst (MAD) verzeichnet deutlich verstärkte Ausspähversuche und Störmaßnahmen russischer Geheimdienste in Deutschland. FamVeld – shutterstock.com “Wir reden über einen starken Anstieg der Fälle […]
PoisonSeed Hackers Bypass FIDO Keys Using QR Phishing and Cross-Device Sign-In Abuse
Cybersecurity researchers have disclosed a novel attack technique that allows threat actors to bypass Fast IDentity Online (FIDO) key protections by deceiving users into approving […]
7-Zip Vulnerability Lets Malicious RAR5 Files Crash Systems
A critical denial-of-service vulnerability has been discovered in 7-Zip that allows attackers to crash systems using specially crafted RAR5 archive files. The vulnerability, tracked as […]
SharePoint 0-Day RCE Flaw Actively Exploited for Full Server Takeover
A devastating new SharePoint vulnerability is being actively exploited in large-scale attacks worldwide, enabling attackers to gain complete control of on-premise servers without authentication. Security […]
PoisonSeed Attack Tricks Users into Scanning Malicious MFA QR Codes
A sophisticated new cyber attack technique has emerged that exploits the cross-device sign-in features of FIDO keys, effectively bypassing one of the most secure forms […]