MATLOCK.CA
161Articles
8Categories
2023-12-12Date
πŸ›
New Critical RCE Vulnerability Discovered in Apache Struts 2 - Patch Now
THEHACKERNEWS.COM — 12 Dec 2023
πŸ›
50K WordPress Sites Exposed to RCE Attacks by Critical Bug in Backup Plugin
BLEEPINGCOMPUTER.COM — 12 Dec 2023
πŸ›
Sophos backports RCE fix after attacks on unsupported firewalls
BLEEPINGCOMPUTER.COM — 12 Dec 2023
πŸ›
Hardening cellular basebands in Android
SECURITY.GOOGLEBLOG.COM — 2023-12-12
πŸ›
CVE-2023-36696 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
MSRC.MICROSOFT.COM — 12 Dec 2023
πŸ›
CVE-2023-36391 Local Security Authority Subsystem Service Elevation of Privilege Vulnerability
MSRC.MICROSOFT.COM — 12 Dec 2023
πŸ›
CVE-2023-36020 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
MSRC.MICROSOFT.COM — 12 Dec 2023
πŸ›
CVE-2023-36009 Microsoft Word Information Disclosure Vulnerability
MSRC.MICROSOFT.COM — 12 Dec 2023
πŸ›
CVE-2023-36011 Win32k Elevation of Privilege Vulnerability
MSRC.MICROSOFT.COM — 12 Dec 2023
πŸ›
CVE-2023-20588 AMD: CVE-2023-20588 AMD Speculative Leaks Security Notice
MSRC.MICROSOFT.COM — 12 Dec 2023
πŸ›
CVE-2023-35625 Azure Machine Learning Compute Instance for SDK Users Information Disclosure Vulnerability
MSRC.MICROSOFT.COM — 12 Dec 2023
πŸ›
CVE-2023-21740 Windows Media Remote Code Execution Vulnerability
MSRC.MICROSOFT.COM — 12 Dec 2023
πŸ›
CVE-2023-36019 Microsoft Power Platform Connector Spoofing Vulnerability
MSRC.MICROSOFT.COM — 12 Dec 2023
πŸ›
CVE-2023-36010 Microsoft Defender Denial of Service Vulnerability
MSRC.MICROSOFT.COM — 12 Dec 2023
πŸ›
CVE-2023-36012 DHCP Server Service Information Disclosure Vulnerability
MSRC.MICROSOFT.COM — 12 Dec 2023
πŸ›
CVE-2023-36003 XAML Diagnostics Elevation of Privilege Vulnerability
MSRC.MICROSOFT.COM — 12 Dec 2023
πŸ›
CVE-2023-36004 Windows DPAPI (Data Protection Application Programming Interface) Spoofing Vulnerability
MSRC.MICROSOFT.COM — 12 Dec 2023
πŸ›
CVE-2023-36005 Windows Telephony Server Elevation of Privilege Vulnerability
MSRC.MICROSOFT.COM — 12 Dec 2023
πŸ›
CVE-2023-36006 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
MSRC.MICROSOFT.COM — 12 Dec 2023
πŸ›
CVE-2023-35638 DHCP Server Service Denial of Service Vulnerability
MSRC.MICROSOFT.COM — 12 Dec 2023
πŸ›
CVE-2023-35639 Microsoft ODBC Driver Remote Code Execution Vulnerability
MSRC.MICROSOFT.COM — 12 Dec 2023
πŸ›
CVE-2023-35641 Internet Connection Sharing (ICS) Remote Code Execution Vulnerability
MSRC.MICROSOFT.COM — 12 Dec 2023
πŸ›
CVE-2023-35642 Internet Connection Sharing (ICS) Denial of Service Vulnerability
MSRC.MICROSOFT.COM — 12 Dec 2023
πŸ›
CVE-2023-35643 DHCP Server Service Information Disclosure Vulnerability
MSRC.MICROSOFT.COM — 12 Dec 2023
πŸ›
CVE-2023-35644 Windows Sysmain Service Elevation of Privilege
MSRC.MICROSOFT.COM — 12 Dec 2023
πŸ›
CVE-2023-35628 Windows MSHTML Platform Remote Code Execution Vulnerability
MSRC.MICROSOFT.COM — 12 Dec 2023
πŸ›
CVE-2023-35629 Microsoft USBHUB 3.0 Device Driver Remote Code Execution Vulnerability
MSRC.MICROSOFT.COM — 12 Dec 2023
πŸ›
CVE-2023-35630 Internet Connection Sharing (ICS) Remote Code Execution Vulnerability
MSRC.MICROSOFT.COM — 12 Dec 2023
πŸ›
CVE-2023-35631 Win32k Elevation of Privilege Vulnerability
MSRC.MICROSOFT.COM — 12 Dec 2023
πŸ›
CVE-2023-35632 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
MSRC.MICROSOFT.COM — 12 Dec 2023
πŸ›
CVE-2023-35633 Windows Kernel Elevation of Privilege Vulnerability
MSRC.MICROSOFT.COM — 12 Dec 2023
πŸ›
CVE-2023-35634 Windows Bluetooth Driver Remote Code Execution Vulnerability
MSRC.MICROSOFT.COM — 12 Dec 2023
πŸ›
CVE-2023-35635 Windows Kernel Denial of Service Vulnerability
MSRC.MICROSOFT.COM — 12 Dec 2023
πŸ›
CVE-2023-35636 Microsoft Outlook Information Disclosure Vulnerability
MSRC.MICROSOFT.COM — 12 Dec 2023
πŸ›
CVE-2023-35619 Microsoft Outlook for Mac Spoofing Vulnerability
MSRC.MICROSOFT.COM — 12 Dec 2023
πŸ›
CVE-2023-35621 Microsoft Dynamics 365 Finance and Operations Denial of Service Vulnerability
MSRC.MICROSOFT.COM — 12 Dec 2023
πŸ›
CVE-2023-35622 Windows DNS Spoofing Vulnerability
MSRC.MICROSOFT.COM — 12 Dec 2023
πŸ›
CVE-2023-35624 Azure Connected Machine Agent Elevation of Privilege Vulnerability
MSRC.MICROSOFT.COM — 12 Dec 2023
πŸ›
Atlassian patches critical remote code execution vulnerabilities in multiple products
KEVCSOONLINE.COM — 12 Dec 2023
πŸ›
The Apache Software Foundation Updates Struts 2
CISA.GOV — Tue, 12 Dec 23 1
πŸ›
Russian Foreign Intelligence Service (SVR) Exploiting JetBrains TeamCity CVE Globally
CISA.GOV — 12 Dec 2023
⚠️
Lazarus Group Using Log4j Exploits to Deploy Remote Access Trojans - RedPacket Security
REDPACKETSECURITY.COM — 12 Dec 2023
⚠️
World's First CISO Dies as SEC Turns Up Enforcement on Cybersecurity - BSW #331
YOUTUBE.COM — 2023-12-12
⚠️
The Impact of the New SEC Regulations on Cybersecurity - BSW #331
YOUTUBE.COM — 2023-12-12
⚠️
Apple Releases Security Updates to Patch Critical iOS and macOS Security Flaws
THEHACKERNEWS.COM — 12 Dec 2023
⚠️
Kubescape Open-Source Project Adds Vulnerability Exploitability eXchange (VEX) Support
HELPNETSECURITY.COM — 12 Dec 2023
⚠️
Apple Releases Security Updates to Patch Critical iOS and macOS Security Flaws
THEHACKERNEWS.COM — 12 Dec 2023
⚠️
WordPress Plugin Flaw Exposes 90K+ Websites to Hack Attack
GBHACKERS.COM — 12 Dec 2023
⚠️
SyzGPT: When the fuzzer meets the LLM
ALBOCODER.GITHUB.IO — 12 Dec 2023
⚠️
The SEC action against SolarWinds highlights how tough it can get for CISOs
KEVCSOONLINE.COM — 12 Dec 2023
⚠️
DEF CON 23 (2015) - Chris Domas - Repsych: Psychological Warfare in Reverse Engineering
INFOSEC.PUB — 12 Dec 2023
⚠️
The Art of Code by Dylan Beattie (2022)
INFOSEC.PUB — 12 Dec 2023
⚠️
Snyk unveils new ASPM offering to help DevSecOps manage cloud application risks
CSOONLINE.COM — 12 Dec 2023
⚠️
Gamers Warned of Potential CS2 Exploit That can Reveal IP Addresses
HACKREAD.COM — 12 Dec 2023
⚠️
ICS Patch Tuesday: Electromagnetic Fault Injection, Critical Redis Vulnerability
SECURITYWEEK.COM — 12 Dec 2023
⚠️
Air Force Disciplines 15 as IG Finds That Security Failures Led to Massive Classified Documents Leak
SECURITYWEEK.COM — 12 Dec 2023
⚠️
CISA Releases SCuBA Google Workspace Secure Configuration Baselines for Public Comment
CISA.GOV — Tue, 12 Dec 23 1
⚠️
Flaws in Backup Migration and Elementor WordPress Plugins Allow Remote Code Execution
SECURITYWEEK.COM — 12 Dec 2023
⚠️
Over 1,450 pfSense servers exposed to RCE attacks via bug chain
BLEEPINGCOMPUTER.COM — 12 Dec 2023
⚠️
Russian APT28 Hackers Targeting 13 Nations in Ongoing Cyber Espionage Campaign
THEHACKERNEWS.COM — 12 Dec 2023
⚠️
Over 1,450 pfSense Servers Exposed to RCE Attacks via Bug Chain
BLEEPINGCOMPUTER.COM — 12 Dec 2023
⚠️
CISA Releases Two Industrial Control Systems Advisories
CISA.GOV — Tue, 12 Dec 23 1
⚠️
Russia Weaponizes Israel-Hamas Conflict in Targeted Phishing Attack
KNOWBE4.COM — 12 Dec 2023
⚠️
Ukraine’s intelligence claims cyberattack on Russia’s state tax service
THERECORD.MEDIA — 12 Dec 2023
⚠️
The ABCs of RFCs - Heather Flanagan - ASW #266
YOUTUBE.COM — 2023-12-12
⚠️
Apple Releases Security Updates for Multiple Products
CISA.GOV — Tue, 12 Dec 23 1
⚠️
Microsoft December 2023 Patch Tuesday fixes 34 flaws, 1 zero-day
BLEEPINGCOMPUTER.COM — 12 Dec 2023
⚠️
SAP Patches Critical Vulnerability in Business Technology Platform
SECURITYWEEK.COM — 12 Dec 2023
⚠️
Microsoft Patch Tuesday December 2023, (Tue, Dec 12th)
ISC.SANS.EDU — 12 Dec 2023
⚠️
Microsoft Patch Tuesday: Critical Spoofing and Remote Code Execution Flaws
SECURITYWEEK.COM — 12 Dec 2023
⚠️
FCC reminds mobile phone carriers they must do more to prevent SIM swaps
THERECORD.MEDIA — 12 Dec 2023
⚠️
Microsoft Patch Tuesday, December 2023 Edition
KREBSONSECURITY.COM — 12 Dec 2023
⚠️
Adobe Releases Security Updates for Multiple Products
CISA.GOV — Tue, 12 Dec 23 1
⚠️
Microsoft Releases Security Updates for Multiple Products
CISA.GOV — Tue, 12 Dec 23 1
⚠️
Lazarus Exploits Log4Shell to Deploy Telegram-Based Malware
DATABREACHTODAY.CO.UK — 2023-12-12
⚠️
A Vulnerability in the Backup Migration Plugin for WordPress Could Allow for Remote Code Execution
CISECURITY.ORG — 12 Dec 2023
⚠️
Critical Patches Issued for Microsoft Products, December 12, 2023
CISECURITY.ORG — 12 Dec 2023
⚠️
Multiple Vulnerabilities in Atlassian Products Could Allow for Remote Code Execution
CISECURITY.ORG — 12 Dec 2023
πŸ“‹
Adobe Patches 207 Security Bugs in Mega Patch Tuesday Bundle
SECURITYWEEK.COM — 12 Dec 2023
πŸ“‹
From Microsoft to you, 33 packages
SOPHOS.COM — 12 Dec 2023
πŸ“’
A Note on progress…NIST’s Digital Identity Guidelines.
NIST.GOV — 12 Dec 2023
πŸ“’
CISA Seeks Public Comment on Newly Developed Secure Configuration Baselines for Google Workspace
CISA.GOV — Tue, 12 Dec 23 1
πŸ“’
Why Financial Institutions Are Adopting the CRI Profile
PALOALTONETWORKS.COM — 12 Dec 2023
πŸ“’
Rumble Fights Off Unprecedented Cyberattack, Likely An Attempt To Censor Creators, CEO Says
RECLAIMTHENET.ORG — 12 Dec 2023
πŸ“’
HPE security advisory (AV23-755)
CYBER.GC.CA — 2023-12-12
πŸ“’
SAP security advisory – December 2023 monthly rollup (AV23-756)
CYBER.GC.CA — 2023-12-12
πŸ“’
Findings and Updates from CISA’s Ongoing Collaboration with Education Technology Vendors to Address K-12 Cybersecurity Challenges
CISA.GOV — Tue, 12 Dec 23 1
πŸ“’
Fortinet security advisory (AV23-757)
CYBER.GC.CA — 2023-12-12
πŸ“’
[Control systems] Schneider Electric security advisory (AV23-754)
CYBER.GC.CA — 2023-12-12
πŸ“’
Microsoft security advisory – December 2023 monthly rollup (AV23-758)
CYBER.GC.CA — 2023-12-12
πŸ“’
Addressing Privacy and Data-Sharing Hurdles in Healthcare AI
DATABREACHTODAY.CO.UK — 2023-12-12
πŸ“’
[Control systems] Siemens security advisory (AV23-760)
CYBER.GC.CA — 2023-12-12
πŸ“’
Adobe security advisory (AV23-759)
CYBER.GC.CA — 2023-12-12
πŸ“’
Strengthening identity protection in the face of highly sophisticated attacks
TECHCOMMUNITY.MICROSOFT.COM — 12 Dec 2023
πŸ”₯
InflateVids - 13,405 breached accounts
HAVEIBEENPWNED.COM — 12 Dec 2023
πŸ”₯
A Gigantic New ICBM Will Take US Nuclear Missiles Out of the Cold War-Era but Add 21st-Century Risks
SECURITYWEEK.COM — 12 Dec 2023
πŸ”₯
LockBit Ransomware Group Alleges LivaNova PLC Data Breach
THECYBEREXPRESS.COM — 12 Dec 2023
πŸ”₯
HHS Agrees to $480,000 Settlement With Louisiana Medical Group Over Data Breach
THERECORD.MEDIA — 12 Dec 2023
πŸ”₯
Greece Plans National Cybersecurity Authority to Combat Rising Hacker Threats
THECYBEREXPRESS.COM — 12 Dec 2023
πŸ”₯
Update: Henry Schein Says 29K People Affected in September Cyberattack
CYBERSECURITYDIVE.COM — 12 Dec 2023
πŸ”₯
White House Wants to Set Minimum Cyber Standards for Hospitals, Healthcare
CYBERSECURITYDIVE.COM — 12 Dec 2023
πŸ”₯
TV Service in UAE Hacked to Show Alleged Atrocities in Palestine
THERECORD.MEDIA — 12 Dec 2023
πŸ”₯
Toyota Germany Confirms Personal Information Stolen in Ransomware Attack
SECURITYWEEK.COM — 12 Dec 2023
πŸ”₯
FBI Issues Guidance for Delaying SEC-Required Data Breach Disclosure
SECURITYWEEK.COM — 12 Dec 2023
πŸ”₯
Toyota Financial Services Discloses Data Breach Affecting German Customers
SECURITYAFFAIRS.COM — 12 Dec 2023
πŸ”₯
Nearly 130,000 Affected by Ransomware Attack on Cold Storage Company Americold
THERECORD.MEDIA — 12 Dec 2023
πŸ”₯
Non-Human Access is the Path of Least Resistance: A 2023 Recap
THEHACKERNEWS.COM — 12 Dec 2023
πŸ”₯
Toyota Ransomware Attack Exposes Customers Personal Data
GBHACKERS.COM — 12 Dec 2023
πŸ”₯
North Ireland Cops Count Human Cost Of August Data Breach
PACKETSTORMSECURITY.COM — 12 Dec 2023
πŸ”₯
Toyota Germany Says Customer Data Stolen In Ransomware Attack
PACKETSTORMSECURITY.COM — 12 Dec 2023
πŸ”₯
Ukraine's largest mobile carrier Kyivstar down following cyberattack
BLEEPINGCOMPUTER.COM — 12 Dec 2023
πŸ”₯
Ukraine’s largest mobile operator Kyivstar downed by β€˜powerful’ cyberattack
TECHCRUNCH.COM — 12 Dec 2023
πŸ”₯
Bitcoin ATM company Coin Cloud got hacked. Even its new owners don’t know how
TECHCRUNCH.COM — 12 Dec 2023
πŸ”₯
Top Ukrainian Mobile Operator Kyivstar Hit by Cyberattack
DATABREACHTODAY.CO.UK — 2023-12-12
πŸ”₯
Northern Ireland's Police Service to Revamp Cybersecurity
DATABREACHTODAY.CO.UK — 2023-12-12
πŸ”₯
Ukrainian military says it hacked Russia's federal tax agency
BLEEPINGCOMPUTER.COM — 12 Dec 2023
πŸ”₯
Cyberattack Cripples Ukraine’s Largest Telcom Operator
SECURITYWEEK.COM — 12 Dec 2023
πŸ”₯
UK Downplays Ransomware Threat at Its Peril, Says Committee
DATABREACHTODAY.CO.UK — 2023-12-12
πŸ•΅οΈ
ISC Stormcast For Tuesday, December 12th, 2023 https://isc.sans.edu/podcastdetail/8774, (Tue, Dec 12th)
ISC.SANS.EDU — 12 Dec 2023
πŸ•΅οΈ
What is CloudSecOps? – A Complete Security Operations Guide – 2024
GBHACKERS.COM — 12 Dec 2023
πŸ•΅οΈ
Shaping our children's education in computing" by Simon Peyton Jones (2018)
INFOSEC.PUB — 12 Dec 2023
πŸ•΅οΈ
Bret Victor The Future of Programming (2013)
INFOSEC.PUB — 12 Dec 2023
πŸ•΅οΈ
New Windows/Linux Firmware Attack
SCHNEIER.COM — 2023-12-12
πŸ•΅οΈ
James Powell: So you want to be a Python expert? | PyData Seattle 2017
INFOSEC.PUB — 12 Dec 2023
πŸ•΅οΈ
New malware is using direct emails to hunt the head-hunters
CSOONLINE.COM — 12 Dec 2023
πŸ•΅οΈ
Sandman Cyberespionage Group Linked to China
SECURITYWEEK.COM — 12 Dec 2023
πŸ•΅οΈ
CyberheistNews Vol 13 #50 [Heads Up] Don't Be Fooled by This Sneaky Disney+ Phishing Scam
KNOWBE4.COM — 12 Dec 2023
πŸ•΅οΈ
Is there really an Information Security Jobs Crisis? - Ben Rothke - CSP #152
YOUTUBE.COM — 2023-12-12
πŸ•΅οΈ
Threat Actor TA4557 Targets Recruiters With Malware
INFOSECURITY-MAGAZINE.COM — 12 Dec 2023
πŸ•΅οΈ
Cybertruck, Viagra, Struts, Atlassian, Log4Shell, Pharmacies, Jason Wood, and More – SWN #348
YOUTUBE.COM — 2023-12-12
πŸ•΅οΈ
Russian APT28 Hackers Targeting 13 Nations in Ongoing Cyber Espionage Campaign
THEHACKERNEWS.COM — 12 Dec 2023
πŸ•΅οΈ
Apple Sets Trap to Catch iMessage Impersonators
SECURITYWEEK.COM — 12 Dec 2023
πŸ•΅οΈ
Who's Calling? Spam, Scams and Wasted Time
KNOWBE4.COM — 12 Dec 2023
πŸ•΅οΈ
Unwrapping the Threat: AI-Powered Phishing Attacks Take Center Stage in 2023 Holidays
KNOWBE4.COM — 12 Dec 2023
πŸ•΅οΈ
News alert: Detectify’s EASM research reveals top overlooked vulnerabilities from 2023
LASTWATCHDOG.COM — 12 Dec 2023
πŸ•΅οΈ
Cybertruck, Viagra, Struts, Atlassian, Log4Shell, Pharmacies, Jason Wood, and More - SWN #348
YOUTUBE.COM — 2023-12-12
πŸ•΅οΈ
Prompt Injection Scanners, Better AI Jailbreaks, Purple Llama, Linux Kernel Security - ASW #266
YOUTUBE.COM — 2023-12-12
πŸ•΅οΈ
Microsoft: OAuth apps used to automate BEC and cryptomining attacks
BLEEPINGCOMPUTER.COM — 12 Dec 2023
πŸ•΅οΈ
Threat actors misuse OAuth applications to automate financially driven attacks
MICROSOFT.COM — 12 Dec 2023
🌐
New MrAnon Stealer Malware Targeting German Users via Booking-Themed Scam
THEHACKERNEWS.COM — 12 Dec 2023
🌐
Kelvin Security cybercrime gang suspect seized by Spanish police
TRIPWIRE.COM — 12 Dec 2023
🌐
Unveiling the Cyber Threats to Healthcare: Beyond the Myths
THEHACKERNEWS.COM — 12 Dec 2023
πŸ“‘
Amazon Sues REKK Fraud Gang That Stole Millions in Illicit Refunds
BLEEPINGCOMPUTER.COM — 12 Dec 2023
πŸ“‘
UK Police Return $10 Million in Bitcoin Stolen by Chronically-Ill Bed-Bound Thief
THERECORD.MEDIA — 12 Dec 2023
πŸ“‘
Leader of Russian Hacktivist Group Killnet β€˜Retires,’ Appoints New Head
THERECORD.MEDIA — 12 Dec 2023
πŸ“‘
Cybercriminals Continue Targeting Open Remote Access Products
HELPNETSECURITY.COM — 12 Dec 2023
πŸ“‘
Security Automation Gains Traction, Prompting a β€œShift Everywhere” Philosophy
HELPNETSECURITY.COM — 12 Dec 2023
πŸ“‘
Long-Running Clearview AI Class Action Biometric Privacy Case Settles
THERECORD.MEDIA — 12 Dec 2023
πŸ“‘
Fake LinkedIn Profiles Target Saudi Workers for Information Leakage and Financial Fraud
DARKREADING.COM — 12 Dec 2023
πŸ“‘
Apple Ships iOS 7.2 With Urgent Security Patches
PACKETSTORMSECURITY.COM — 12 Dec 2023
πŸ“‘
Atlassian Warns Of Four New Critical Vulnerabilities
PACKETSTORMSECURITY.COM — 12 Dec 2023
πŸ“‘
Cybercriminals Are Using Wyoming Shell Companies For Global Hacks
PACKETSTORMSECURITY.COM — 12 Dec 2023
πŸ“‘
Cloud engineer gets 2 years for wiping ex-employer’s code repos
BLEEPINGCOMPUTER.COM — 12 Dec 2023
πŸ“‘
Practitioner guidance for securing Microsoft Active Directory services in your organization - ITSP.60.100
CYBER.GC.CA — 2023-12-12
πŸ“‘
How criminals disguise URLs | Kaspersky official blog
KASPERSKY.COM — 12 Dec 2023
πŸ“‘
Windows 10 KB5033372 update released with Copilot for everyone, 20 changes
BLEEPINGCOMPUTER.COM — 12 Dec 2023
πŸ“‘
Windows 11 update KB5033375 released with upgraded Copilot AI-assistant
BLEEPINGCOMPUTER.COM — 12 Dec 2023
πŸ“‘
How the EU Cyber Resilience Act Impacts Manufacturers
TRENDMICRO.COM — 12 Dec 2023
πŸ“‘
Windows 11 KB5033375 update released with upgraded Copilot AI-assistant
BLEEPINGCOMPUTER.COM — 12 Dec 2023
πŸ“‘
Avira antivirus causes Windows computers to freeze after boot
BLEEPINGCOMPUTER.COM — 12 Dec 2023
πŸ“‘
A pernicious potpourri of Python packages in PyPI
WELIVESECURITY.COM — 12 Dec 2023