Ken's Automated News Feed Aggregator
Various vulnerabilities were fixed in nss, the Network Security Service libraries. CVE-2018-12404 – ————————————————————————- Debian LTS Advisory DLA-2388-1 This email address is being protected from spam…
Continue Reading(published: September 25, 2020) Security Researchers from Amnesty International have identified new variants of FinSpy, spyware that can access private data and record audio/video. While used as a law enforcement tool, authoritarian governments have be…
Continue ReadingAbstract Adversarial training, in which a network is trained on both adversarial and clean examples, is one of the most trusted defense methods against adversarial attacks. However, there are three major practical difficulties in implementing and deplo…
Continue ReadingA set of vulnerabilities are fixed in DPDK: – CVE-2020-14374 – CVE-2020-14375 – CVE-2020-14376 – CVE-2020-14377 – CVE-2020-14378 Some downstream stakeholders were warned in advance in order to coordinate the release of fixes and reduce the vulnerabilit…
Continue ReadingCryptomining has emerged as the most frequent cybersecurity threat detected amongst SMEs in the region. Cryptomining is becoming an ever-greater risk to small and medium businesses (SMBs) in Southeast Asia, according to new research from Kaspersky. The…
Continue ReadingCisco Talos is tracking a spike in exploitation attempts against the Microsoft vulnerability CVE-2020-1472 , an elevation of privilege bug in Netlogon, outlined in the August Microsoft Patch Tuesday report. The vulnerability stems from a flaw in a cryp…
Continue ReadingLokiBot, a trojan-type malware first identified in 2015 is popular amid cybercriminals as a means of creating a backdoor into compromised Windows systems to allow the attacker to install additional payloads. It is an information stealer that uses a ste…
Continue ReadingRansomware is one of the most intractable and common threats facing organizations across all industries and geographies. And, incidents of ransomware attacks continue to rise. Meanwhile, ransomware threat actors are adjusting their attack model to adap…
Continue ReadingLast month, Microsoft announced that it had patched one of the most dangerous bugs ever discovered. On the ten point bug severity scale, this bug attained a 10. However, unless you work in cybersecurity, you probably never heard of Zerologon. There are…
Continue ReadingExploit availability: No Description. CWE-327 – Use of a Broken or Risky Cryptographic Algorithm The vulnerability allows a remote attacker to decrypt sensitive information. The vulnerability exists due to yaws_config.erl in Yaws loads obsolete TLS cip…
Continue Reading