8Articles
2Categories
2023-06-23Date
⚠️ VULNERABILITY DISCLOSURE 5[−]
23 JunMultiple Vulnerabilities in VMware Products Could Allow for Arbitrary Code ExecutionMultiple vulnerabilities have been discovered in VMware vCenter Server and Cloud Foundation, the most severe of which could allow for arbitrary code execution. VMware vCenter Server is the centralized management utility for VMware. VMware Cloud Foundation is a multi-cloud platfor…CISECURITY.ORG
23 JunMultiple Vulnerabilities in Fortinet FortiNAC Could Allow for Arbitrary Code ExecutionMultiple vulnerabilities have been discovered in Fortinet FortiNAC, the most severe of which could allow for arbitrary code execution. FortiNAC is a network access control solution offered by Fortinet that manages network-wide access policies, gains visibility of devices and user…CISECURITY.ORG
23 JunSupply chain security for Go, Part 2: Compromised dependenciesJulie Qiu, Go Security & Reliability, and Roger Ng, Google Open Source Security Team “Secure your dependencies”—it’s the new supply chain mantra. With attacks targeting software supply chains sharply rising , open source developers need to monitor and judge the risks of the p…SECURITY.GOOGLEBLOG.COM
23 JunBeyond the AWS Security Maturity Roadmapsubmitted by Captain to cloudsecurity 6 points | 0 comments https://speakerdeck.com/ramimac/beyond-the-aws-security-maturity-roadmap This gives a great overview of when to build, buy, or adopt an open source solution for a few different common cloud security challenges. The talk …SPEAKERDECK.COM
23 JunFor Science! - Using an Unimpressive Bug in EDK II to Do Some Fun ExploitationIn this blog post we'll see a technique to gain code execution in SMM from a very limited write primitive.QUARKSLAB.COM
🔥 INCIDENT REPORTING 3[−]
23 JunCyber Security Today, Week in Review for June 23, 2023This episode features a discussion on calls by several civil rights groups for the Canadian government to tighten up its proposed cybersecurity law, the proper way companies should notify victims of a data breach, why cybercrooks like using the Telegram Messaging service and moreCYBERSECURITYTODAY.LIBSYN.COM
23 JunCyber Security Today, June 23, 2023 - New ransomware data, a salary transfer scam that victimize employees and moreThis episode reports on the increasing number of ransomware attacks, an email scam that tricks firms into switching payment bank accounts of employees and moreCYBERSECURITYTODAY.LIBSYN.COM
23 JunWhat to know about the MOVEit hack – Week in security with Tony AnscombeThe US government has now announced a bounty of $10 million for intel linking the Cl0p ransomware gang to a foreign governmentWELIVESECURITY.COM