Tag: vulnerability disclosure
-
Microsoft Security Blog: How MSRC coordinates vulnerability research and disclosure while building community
Source URL: https://www.microsoft.com/en-us/security/blog/2025/03/13/how-msrc-coordinates-vulnerability-research-and-disclosure-while-building-community/ Source: Microsoft Security Blog Title: How MSRC coordinates vulnerability research and disclosure while building community Feedly Summary: Learn about the Microsoft Security Response Center, which investigates vulnerabilities and releases security updates to help protect customers from cyberthreats. The post How MSRC coordinates vulnerability research and disclosure while building community appeared first on…
-
The Register: Microsoft admits GitHub used to store malware that infected almost a million devices
Source URL: https://www.theregister.com/2025/03/10/infosec_in_brief/ Source: The Register Title: Microsoft admits GitHub used to store malware that infected almost a million devices Feedly Summary: Also, phone cleaner apps are a data-sucking scam, Singapore considering the literal rod for scammers, and more Infosec in Brief Microsoft has spotted a malvertising campaign that downloaded nastyware hosted on GitHub and…
-
The Register: Critical PostgreSQL bug tied to zero-day attack on US Treasury
Source URL: https://www.theregister.com/2025/02/14/postgresql_bug_treasury/ Source: The Register Title: Critical PostgreSQL bug tied to zero-day attack on US Treasury Feedly Summary: High-complexity bug unearthed by infoseccers, as Rapid7 probes exploit further A high-severity SQL injection bug in the PostgreSQL interactive tool was exploited alongside the zero-day used to break into the US Treasury in December, researchers say.……
-
Hacker News: U.S. Government Disclosed 39 Zero-Day Vulnerabilities in 2023, First-Ever Report
Source URL: https://www.zetter-zeroday.com/u-s-government-disclosed-39-zero-day-vulnerabilities-in-2023-per-first-ever-report/ Source: Hacker News Title: U.S. Government Disclosed 39 Zero-Day Vulnerabilities in 2023, First-Ever Report Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses the U.S. government’s disclosure of zero-day vulnerabilities through its Vulnerabilities Equities Process (VEP) in 2023. It highlights a significant shift in the level of transparency around…
-
Hacker News: Quick correlation of vulnerabilities from various sources
Source URL: https://github.com/vulnerability-lookup/vulnerability-lookup Source: Hacker News Title: Quick correlation of vulnerabilities from various sources Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses Vulnerability-Lookup, a platform that enhances the management of vulnerabilities by facilitating quick correlation from various sources and supporting Coordinated Vulnerability Disclosure (CVD). Its collaborative features allow users to comment…
-
Krebs on Security: MasterCard DNS Error Went Unnoticed for Years
Source URL: https://krebsonsecurity.com/2025/01/mastercard-dns-error-went-unnoticed-for-years/ Source: Krebs on Security Title: MasterCard DNS Error Went Unnoticed for Years Feedly Summary: The payment card giant MasterCard just fixed a glaring error in its domain name server settings that could have allowed anyone to intercept or divert Internet traffic for the company by registering an unused domain name. The misconfiguration…