Hundreds of companies and organizations showcased their products and services this week at the 2022 edition of the Black Hat conference in Las Vegas. read more
...moreSummary
Total Articles Found: 17
Top sources:
Top Keywords:
- Network Security: 17
- NEWS & INDUSTRY: 16
- Vulnerabilities: 15
- Application Security: 13
- Cloud Security: 13
Top Authors
- Ryan Naraine: 9
- Ionut Arghire: 4
- Eduard Kovacs: 3
- Ryan Gerstenkorn: 1
Top Articles:
- Cisco Finds Serious Flaws in Sierra Wireless AirLink Devices
- Researchers Find Exploitable Bugs in Mercedes-Benz Cars
- North Korean .Gov Hackers Back With Fake Pen-Test Company
- Pwn2Own 2021: Hackers Offered $200,000 for Zoom, Microsoft Teams Exploits
- Apple Issues Patches for NAT Slipstreaming 2.0 Attack
- Adobe: Critical Flaws in Reader, Acrobat, Illustrator
- Google Warns of Exploited Zero-Days in Chrome Browser
- Hardcoded Credentials Expose Zyxel Firewalls and WLAN Controllers to Remote Attacks
- Project Zero Flags High-Risk Zoom Security Flaw
- Adobe Patches Gaping Security Holes in Acrobat, Reader, Photoshop
Black Hat USA 2022 - Announcements Summary
Published: 2022-08-12 10:23:58
Popularity: 11
Author: Eduard Kovacs
Keywords:
Report: L3 Emerges as Suitor for Embattled NSO Group
Published: 2022-06-14 16:18:52
Popularity: 9
Author: Ryan Naraine
Keywords:
LLM Says: "Spy game 😏"
L3 Technologies, a U.S. government contractor that sells aerospace and defense technology, has emerged as a suitor for Israeli exploit merchant NSO Group. read more
...moreFirmware Flaws Allow Disabling Secure Boot on Lenovo Laptops
Published: 2022-04-19 18:46:07
Popularity: 14
Author: Ionut Arghire
Keywords:
LLM Says: "Boot fail"
Computer maker Lenovo has started pushing security patches to address three vulnerabilities impacting the UEFI firmware of more than 110 laptop models. read more
...moreAdobe Patches Gaping Security Holes in Acrobat, Reader, Photoshop
Published: 2022-04-12 17:36:50
Popularity: 21
Author: Ryan Naraine
Keywords:
LLM Says: "security alert"
Adobe's security update engine revved into overdrive this month with the release of patches for at least 78 documented software vulnerabilities, some serious enough to expose corporate customers to remote code execution attacks. read more
...moreSoftware Supply Chain Weakness: Snyk Warns of 'Deliberate Sabotage' of NPM Ecosystem
Published: 2022-03-17 15:58:58
Popularity: 20
Author: Ryan Naraine
Keywords:
Software supply chain security fears escalated again this week with the discovery of what’s being described as "deliberate sabotage" of code in the open-source npm package manager ecosystem. read more
...moreBypassing Little Snitch Firewall with Empty TCP Packets
The post Bypassing Little Snitch Firewall with Empty TCP Packets appeared first on Rhino Security Labs.
...moreProject Zero Flags High-Risk Zoom Security Flaw
Published: 2021-11-29 19:03:13
Popularity: 23
Author: Ryan Naraine
Keywords:
Video conferencing software giant Zoom has shipped patches for a pair of security defects that expose Windows, macOS, Linux, iOS and Android users to malicious hacker attacks. read more
...moreAkamai to Acquire Guardicore in $600M Zero Trust Tech Deal
Published: 2021-09-29 17:03:38
Popularity: 5
Author: Ryan Naraine
Keywords:
Edge security and content delivery giant Akamai Technologies on Wednesday announced plans to spend $600 million to acquire Guardicore, an Israeli micro-segmentation technology startup. Akamai said the deal would add new capabilities to help customers thwart ransomware attacks by blocking the spread of malware within an already-compromised enterprise. read more
...moreApple Confirms New Zero-Day Attacks on Older iPhones
Published: 2021-09-23 20:39:09
Popularity: 8
Author: Ryan Naraine
Keywords:
Apple on Thursday confirmed a new zero-day exploit hitting older iPhones and warned that the security vulnerability also affects the macOS Catalina platform. read more
...moreGoogle Warns of Exploited Zero-Days in Chrome Browser
Published: 2021-09-13 21:51:32
Popularity: 29
Author: Ryan Naraine
Keywords:
LLM Says: "Zero Day Alert"
Google has joined the list of major software providers scrambling to respond to zero-day exploits in the wild. read more
...moreAdobe: Critical Flaws in Reader, Acrobat, Illustrator
Published: 2021-07-13 15:08:49
Popularity: 40
Author: Ryan Naraine
Keywords:
LLM Says: "Crashing software"
Adobe has issued multiple security advisories with patches for critical vulnerabilities in a wide range of software products, including the ever-present Adobe Acrobat and Reader application. read more
...moreResearchers Find Exploitable Bugs in Mercedes-Benz Cars
Published: 2021-05-18 20:24:37
Popularity: 93
Author: Ionut Arghire
Keywords:
LLM Says: "car hack"
Following an eight-month audit of the code in the latest infotainment system in Mercedes-Benz cars, security researchers with Tencent Security Keen Lab identified five vulnerabilities, four of which could be exploited for remote code execution. read more
...moreNorth Korean .Gov Hackers Back With Fake Pen-Test Company
Published: 2021-03-31 20:57:11
Popularity: 78
Author: Ryan Naraine
Keywords:
A North Korean government-backed APT group has been caught using a fake pen-testing company and a range of sock puppet social media accounts in an escalation of a hacking campaign targeting security research professionals. read more
...moreApple Issues Patches for NAT Slipstreaming 2.0 Attack
Published: 2021-02-02 11:26:42
Popularity: 42
Author: Ionut Arghire
Keywords:
Apple this week released security updates to address multiple vulnerabilities in macOS and Safari, including a flaw that can be exploited for the recently disclosed NAT Slipstreaming 2.0 attack. read more
...morePwn2Own 2021: Hackers Offered $200,000 for Zoom, Microsoft Teams Exploits
Published: 2021-01-27 09:49:45
Popularity: 54
Author: Eduard Kovacs
Keywords:
Trend Micro’s Zero Day Initiative (ZDI) on Tuesday announced the targets, prizes and rules for the Pwn2Own Vancouver 2021 hacking competition, a hybrid event scheduled to take place on April 6-8. read more
...moreHardcoded Credentials Expose Zyxel Firewalls and WLAN Controllers to Remote Attacks
Published: 2021-01-04 15:12:42
Popularity: 24
Author: Ionut Arghire
Keywords:
LLM Says: "passwords out"
Several Zyxel firewall and WLAN controller products contain hardcoded credentials for an undocumented user account that has admin privileges. Identified by EYE security researcher Niels Teusink, the vulnerability exists because the password for the “zyfwp” user account was stored in plaintext and was visible in one of the binaries on the system. read more
...moreCisco Finds Serious Flaws in Sierra Wireless AirLink Devices
Published: 2019-04-26 13:55:06
Popularity: 153
Author: Eduard Kovacs
Keywords:
Cisco’s Talos research and intelligence group on Thursday disclosed the details of nearly a dozen vulnerabilities uncovered in Sierra Wireless AirLink devices, including serious flaws that can be exploited to change system settings, execute arbitrary code, and modify passwords. read more
...more