Found 57 bookmarks
Custom sorting
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
Sometimes when we publish details and writeups about vulnerabilities we are so focused on the actual bug, that we don't notice others, which might be still hidden inside the details. The same can happen when we read these issues, but if we keep our eyes open we might find hidden gems. Download Slides Download Whitepaper
#blackhat#2022#session#bug#writeup#presentation#macos#hidden#Vulnerabilities#Fitzl#offensivesecurity#CVE-2021-1815#CVE-2021-30972
·blackhat.com·
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
2021 Top Routinely Exploited Vulnerabilities | CISA
2021 Top Routinely Exploited Vulnerabilities | CISA
This joint Cybersecurity Advisory (CSA) was coauthored by cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom: the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS),
#cisa#uscert#csirt#cert#U.-S.-Computer-Emergency-Readiness#top#2021#top2021#EN#2022#Vulnerabilities
·cisa.gov·
2021 Top Routinely Exploited Vulnerabilities | CISA
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
Sometimes when we publish details and writeups about vulnerabilities we are so focused on the actual bug, that we don't notice others, which might be still hidden inside the details. The same can happen when we read these issues, but if we keep our eyes open we might find hidden gems. Download Slides Download Whitepaper
#blackhat#2022#session#bug#writeup#presentation#macos#hidden#Vulnerabilities#Fitzl#offensivesecurity#CVE-2021-1815#CVE-2021-30972
·blackhat.com·
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
2021 Top Routinely Exploited Vulnerabilities | CISA
2021 Top Routinely Exploited Vulnerabilities | CISA
This joint Cybersecurity Advisory (CSA) was coauthored by cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom: the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS),
#cisa#uscert#csirt#cert#U.-S.-Computer-Emergency-Readiness#top#2021#top2021#EN#2022#Vulnerabilities
·cisa.gov·
2021 Top Routinely Exploited Vulnerabilities | CISA
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
Sometimes when we publish details and writeups about vulnerabilities we are so focused on the actual bug, that we don't notice others, which might be still hidden inside the details. The same can happen when we read these issues, but if we keep our eyes open we might find hidden gems. Download Slides Download Whitepaper
#blackhat#2022#session#bug#writeup#presentation#macos#hidden#Vulnerabilities#Fitzl#offensivesecurity#CVE-2021-1815#CVE-2021-30972
·blackhat.com·
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
2021 Top Routinely Exploited Vulnerabilities | CISA
2021 Top Routinely Exploited Vulnerabilities | CISA
This joint Cybersecurity Advisory (CSA) was coauthored by cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom: the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS),
#cisa#uscert#csirt#cert#U.-S.-Computer-Emergency-Readiness#top#2021#top2021#EN#2022#Vulnerabilities
·cisa.gov·
2021 Top Routinely Exploited Vulnerabilities | CISA
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
Sometimes when we publish details and writeups about vulnerabilities we are so focused on the actual bug, that we don't notice others, which might be still hidden inside the details. The same can happen when we read these issues, but if we keep our eyes open we might find hidden gems. Download Slides Download Whitepaper
#blackhat#2022#session#bug#writeup#presentation#macos#hidden#Vulnerabilities#Fitzl#offensivesecurity#CVE-2021-1815#CVE-2021-30972
·blackhat.com·
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
2021 Top Routinely Exploited Vulnerabilities | CISA
2021 Top Routinely Exploited Vulnerabilities | CISA
This joint Cybersecurity Advisory (CSA) was coauthored by cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom: the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS),
#cisa#uscert#csirt#cert#U.-S.-Computer-Emergency-Readiness#top#2021#top2021#EN#2022#Vulnerabilities
·cisa.gov·
2021 Top Routinely Exploited Vulnerabilities | CISA
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
Sometimes when we publish details and writeups about vulnerabilities we are so focused on the actual bug, that we don't notice others, which might be still hidden inside the details. The same can happen when we read these issues, but if we keep our eyes open we might find hidden gems. Download Slides Download Whitepaper
#blackhat#2022#session#bug#writeup#presentation#macos#hidden#Vulnerabilities#Fitzl#offensivesecurity#CVE-2021-1815#CVE-2021-30972
·blackhat.com·
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
2021 Top Routinely Exploited Vulnerabilities | CISA
2021 Top Routinely Exploited Vulnerabilities | CISA
This joint Cybersecurity Advisory (CSA) was coauthored by cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom: the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS),
#cisa#uscert#csirt#cert#U.-S.-Computer-Emergency-Readiness#top#2021#top2021#EN#2022#Vulnerabilities
·cisa.gov·
2021 Top Routinely Exploited Vulnerabilities | CISA
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
Sometimes when we publish details and writeups about vulnerabilities we are so focused on the actual bug, that we don't notice others, which might be still hidden inside the details. The same can happen when we read these issues, but if we keep our eyes open we might find hidden gems. Download Slides Download Whitepaper
#blackhat#2022#session#bug#writeup#presentation#macos#hidden#Vulnerabilities#Fitzl#offensivesecurity#CVE-2021-1815#CVE-2021-30972
·blackhat.com·
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
2021 Top Routinely Exploited Vulnerabilities | CISA
2021 Top Routinely Exploited Vulnerabilities | CISA
This joint Cybersecurity Advisory (CSA) was coauthored by cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom: the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS),
#cisa#uscert#csirt#cert#U.-S.-Computer-Emergency-Readiness#top#2021#top2021#EN#2022#Vulnerabilities
·cisa.gov·
2021 Top Routinely Exploited Vulnerabilities | CISA
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
Sometimes when we publish details and writeups about vulnerabilities we are so focused on the actual bug, that we don't notice others, which might be still hidden inside the details. The same can happen when we read these issues, but if we keep our eyes open we might find hidden gems. Download Slides Download Whitepaper
#blackhat#2022#session#bug#writeup#presentation#macos#hidden#Vulnerabilities#Fitzl#offensivesecurity#CVE-2021-1815#CVE-2021-30972
·blackhat.com·
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
2021 Top Routinely Exploited Vulnerabilities | CISA
2021 Top Routinely Exploited Vulnerabilities | CISA
This joint Cybersecurity Advisory (CSA) was coauthored by cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom: the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS),
#cisa#uscert#csirt#cert#U.-S.-Computer-Emergency-Readiness#top#2021#top2021#EN#2022#Vulnerabilities
·cisa.gov·
2021 Top Routinely Exploited Vulnerabilities | CISA
Move, Patch, Get Out the Way: 2022 Zero-Day Exploitation Continues at an Elevated Pace
Move, Patch, Get Out the Way: 2022 Zero-Day Exploitation Continues at an Elevated Pace
  • Mandiant tracked 55 zero-day vulnerabilities that we judge were exploited in 2022. Although this count is lower than the record-breaking 81 zero-days exploited in 2021, it still represents almost triple the number from 2020. * Chinese state-sponsored cyber espionage groups exploited more zero-days than other cyber espionage actors in 2022, which is consistent with previous years. * We identified four zero-day vulnerabilities exploited by financially motivated threat actors. 75% of these instances appear to be linked to ransomware operations. * Products from Microsoft, Google, and Apple made up the majority of zero-day vulnerabilities in 2022, consistent with previous years. The most exploited product types were operating systems (OS) (19), followed by browsers (11), security, IT, and network management products (10), and mobile OS (6).
#mandiant#EN#2022#2023#zero-day#zero-days#vulnerabilities#exploited#review
·mandiant.com·
Move, Patch, Get Out the Way: 2022 Zero-Day Exploitation Continues at an Elevated Pace
Supply Chain Vulnerabilities Put Server Ecosystem At Risk
Supply Chain Vulnerabilities Put Server Ecosystem At Risk
BMC&C Eclypsium Research has discovered and reported 3 vulnerabilities in American Megatrends, Inc. (AMI) MegaRAC Baseboard Management Controller (BMC) software. We are referring to these vulnerabilities collectively as BMC&C. MegaRAC BMC is widely used by many leading server manufacturers to provide “lights-out” management capabilities for their server products. Server manufacturers…
#eclypsium#EN#2022#CVE-2022-40259#CVE-2022-40242#CVE-2022-2827#Research#AMI#BMC#MegaRAC#supply-chain#vulnerabilities#server
·eclypsium.com·
Supply Chain Vulnerabilities Put Server Ecosystem At Risk
Zerobot – New Go-Based Botnet Campaign Targets Multiple Vulnerabilities
Zerobot – New Go-Based Botnet Campaign Targets Multiple Vulnerabilities
FortiGuardLabs examines a botnet known as Zerobot written in the Go language targeting IoT vulnerabilities. Read our blog to learn about how it evolves, including self-replication, attacks for different protocols, and self-propagation as well as its behavior once inside an infected device.
#fortinet#EN#2022#vulnerabilities#Botnet#iot-security#Zerobot#Go#Threat-Research#malware-research#malware-analysis
·fortinet.com·
Zerobot – New Go-Based Botnet Campaign Targets Multiple Vulnerabilities
Google Online Security Blog: Memory Safe Languages in Android 13
Google Online Security Blog: Memory Safe Languages in Android 13
As the amount of new memory-unsafe code entering Android has decreased, so too has the number of memory safety vulnerabilities. From 2019 to 2022 it has dropped from 76% down to 35% of Android’s total vulnerabilities. 2022 is the first year where memory safety vulnerabilities do not represent a majority of Android’s vulnerabilities.
#Google#EN#2022#memory-safe#Android#statistics#vulnerabilities#memory#safety
·security.googleblog.com·
Google Online Security Blog: Memory Safe Languages in Android 13
CVE-2022-41622 and CVE-2022-41800 (FIXED): F5 BIG-IP and iControl REST Vulnerabilities and Exposures
CVE-2022-41622 and CVE-2022-41800 (FIXED): F5 BIG-IP and iControl REST Vulnerabilities and Exposures
Rapid7 discovered several vulnerabilities and exposures in F5 BIG-IP and BIG-IQ devices running a customized distribution of CentOS detailed in F5's Base Operating Systems support article. The affected products are detailed in the vendor advisories below:
#rapid7#EN#2022#CVE-2022-41622#CVE-2022-41800#F5#BIG-IP#vulnerabilities
·rapid7.com·
CVE-2022-41622 and CVE-2022-41800 (FIXED): F5 BIG-IP and iControl REST Vulnerabilities and Exposures