zero-day – Page 2 – Experimental News Clipping Site

The Register: T-Mobile US CSO: Spies jumped from one telco to another in a way ‘I’ve not seen in my career’

Dec 21, 2024

—

by

Source URL: https://www.theregister.com/2024/12/05/tmobile_cso_telecom_attack/ Source: The Register Title: T-Mobile US CSO: Spies jumped from one telco to another in a way ‘I’ve not seen in my career’ Feedly Summary: Security chief talks to El Reg as Feds urge everyone to use encrypted chat interview While Chinese-government-backed spies maintained access to US telecommunications providers’ networks for months…

The Register: T-Mobile US CSO: Spies jumped from one telco to another in a way ‘I’ve not seen in my career’

Dec 21, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/12/05/tmobile_cso_telecom_attack/ Source: The Register Title: T-Mobile US CSO: Spies jumped from one telco to another in a way ‘I’ve not seen in my career’ Feedly Summary: Security chief talks to El Reg as Feds urge everyone to use encrypted chat interview While Chinese-government-backed spies maintained access to US telecommunications providers’ networks for months…

Slashdot: Chinese Hacker Singlehandedly Responsible For Exploiting 81,000 Sophos Firewalls, DOJ Says

Dec 17, 2024

—

by

system automation

in Uncategorized

Source URL: https://it.slashdot.org/story/24/12/17/1745239/chinese-hacker-singlehandedly-responsible-for-exploiting-81000-sophos-firewalls-doj-says?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Chinese Hacker Singlehandedly Responsible For Exploiting 81,000 Sophos Firewalls, DOJ Says Feedly Summary: AI Summary and Description: Yes Summary: The text discusses a significant cybersecurity incident involving a Chinese hacker and the associated compromising of firewalls that protect US critical infrastructure. The indictment highlights the escalation of cyber threats…

The Register: US names Chinese national it alleges was behind 2020 attack on Sophos firewalls

Dec 11, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/12/11/sichuan_silence_sophos_zeroday_sanctions/ Source: The Register Title: US names Chinese national it alleges was behind 2020 attack on Sophos firewalls Feedly Summary: Also sanctions his employer – an outfit called Sichuan Silence linked to Ragnarok ransomware The US Departments of Treasury and Justice have named a Chinese business and one of its employees as the…

Krebs on Security: Patch Tuesday, December 2024 Edition

Dec 11, 2024

—

by

system automation

in Uncategorized

Source URL: https://krebsonsecurity.com/2024/12/patch-tuesday-december-2024-edition/ Source: Krebs on Security Title: Patch Tuesday, December 2024 Edition Feedly Summary: Microsoft today released updates to plug at least 70 security holes in Windows and Windows software, including one vulnerability that is already being exploited in active attacks. The zero-day seeing exploitation involves CVE-2024-49138, a security weakness in the Windows Common……

The Register: Fully patched Cleo products under renewed ‘zero-day-ish’ mass attack

Dec 10, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/12/10/cleo_vulnerability/ Source: The Register Title: Fully patched Cleo products under renewed ‘zero-day-ish’ mass attack Feedly Summary: Thousands of servers targeted while customers wait for patches Researchers at security shop Huntress are seeing mass exploitation of a vulnerability affecting three Cleo file management products, even on patched systems.… AI Summary and Description: Yes Summary:…

Cisco Talos Blog: MC LR Router and GoCast unpatched vulnerabilities

Dec 9, 2024

—

by

system automation

in Uncategorized

Source URL: https://blog.talosintelligence.com/mc-lr-router-and-gocast-zero-day-vulnerabilities-2/ Source: Cisco Talos Blog Title: MC LR Router and GoCast unpatched vulnerabilities Feedly Summary: Cisco Talos’ Vulnerability Research team recently discovered two vulnerabilities in MC Technologies LR Router and three vulnerabilities in the GoCast service. These vulnerabilities have not been patched at time of this posting. For Snort coverage that can detect the exploitation…

CSA: AI-Enhanced Penetration Testing: Redefining Red Teams

Dec 6, 2024

—

by

system automation

in Uncategorized

Source URL: https://cloudsecurityalliance.org/blog/2024/12/06/ai-enhanced-penetration-testing-redefining-red-team-operations Source: CSA Title: AI-Enhanced Penetration Testing: Redefining Red Teams Feedly Summary: AI Summary and Description: Yes Summary: The text discusses the transformative role of Artificial Intelligence (AI) in enhancing penetration testing practices within cybersecurity. It highlights how AI addresses the limitations of traditional methods, offering speed, scalability, and advanced detection of vulnerabilities.…

The Register: PoC exploit chains Mitel MiCollab 0-day, auth-bypass bug to access sensitive files

Dec 6, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/12/06/mitel_micollab_0day/ Source: The Register Title: PoC exploit chains Mitel MiCollab 0-day, auth-bypass bug to access sensitive files Feedly Summary: Still unpatched 100+ days later, watchTowr says A zero-day arbitrary file read vulnerability in Mitel MiCollab can be chained with a now-patched critical bug in the same platform to give attackers access to sensitive…

Cloud Blog: Bridging the Gap: Elevating Red Team Assessments with Application Security Testing

Dec 5, 2024

—

by

system automation

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/red-team-application-security-testing/ Source: Cloud Blog Title: Bridging the Gap: Elevating Red Team Assessments with Application Security Testing Feedly Summary: Written by: Ilyass El Hadi, Louis Dion-Marcil, Charles Prevost Executive Summary Whether through a comprehensive Red Team engagement or a targeted external assessment, incorporating application security (AppSec) expertise enables organizations to better simulate the tactics and…

Tag: zero-day