January 2022 Archives

PwnKit Local Privilege Escalation Bug Plagues Linux Distributions

1/27/2022 23:23 GMT An argument-parsing bug in the pkexec utility from the PolKit package allows easy-to-exploit local privilege…

January 27, 2022 21:55 GMT

How To Become a Penetration Tester: A DIY Guide

Pedro Sosa, Attack Team (NCAT) Manager at Novacoast has compiled this Getting Started guide to help newcomers find…

January 25, 2022 17:40 GMT

Open Source Developers Sabotage Projects Downloaded By Millions

What can devOps and cybersecurity professionals learn from the latest software supply chain disaster?

January 18, 2022 01:46 GMT

Microsoft Critical Wormable RCE and Six Zero-Days Highlight January Patch Tuesday

The January 2022 Patch Tuesday is a big one, but shouldn't be postponed as it contains a patch for a critical wormable RCE vulnerability in the HTTP protocol stack.

January 12, 2022 21:32 GMT

University Researchers Pit Top 18 EDR Products Against Real-World Attacks

As the industry becomes more committed to relying on the latest class of endpoint protection products, one has…

January 12, 2022 17:52 GMT

Log4j New Year Wrap-Up

One month into the Log4j vulnerability, we take a look at the 3 CVEs and their fixes, known exploits being observed in the wild, and a way forward in dealing with the ubiquitous and targeted Java library.

January 7, 2022 01:15 GMT

The Five Biggest Cybersecurity Challenges in 2022

At the outset of the new year we take a look at the biggest challenges ahead.

January 6, 2022 16:28 GMT

Hand-Picked Top-Read Stories

Palo Alto Recommends Urgent Mitigation For Authentication Bypass Vulnerability in PAN-OS

Weekly Top 10: 11.18.2024: Microsoft Exchange Adds Warning to Emails Abusing Spoofing Flaw; Evasive ZIP Concatenation: Trojan Targets Windows Users; Microsoft November 2024 Patch Tuesday Fixes 4 Zero-Days, 89 Flaws, and More.

What Happened To The Internet Archive?

Trending Tags

Month: January 2022

PwnKit Local Privilege Escalation Bug Plagues Linux Distributions

Open Source Developers Sabotage Projects Downloaded By Millions

Microsoft Critical Wormable RCE and Six Zero-Days Highlight January Patch Tuesday

University Researchers Pit Top 18 EDR Products Against Real-World Attacks

Log4j New Year Wrap-Up

The Five Biggest Cybersecurity Challenges in 2022

Threat Advisories

Palo Alto Recommends Urgent Mitigation For Authentication Bypass Vulnerability in PAN-OS

Weekly Top 10: 11.18.2024: Microsoft Exchange Adds Warning to Emails Abusing Spoofing Flaw; Evasive ZIP Concatenation: Trojan Targets Windows Users; Microsoft November 2024 Patch Tuesday Fixes 4 Zero-Days, 89 Flaws, and More.

Weekly Top 10: 11.11.2024: Veeam Backup Exploit Used by Frag Ransomware; North Korean Hackers Use macOS Malware to Steal Crypto; Palo Alto PAN-OS May be Vulnerable to RCE, and More.

Weekly Top 10: 11.04.2024: Android Malware ‘FakeCall’ Hijacks Outgoing Calls; PTZ Cameras Being Targeted Using Two Zero-Days; Hacker Group TeamTNT Targets Docker Environments, and More.

Weekly Top 10: 10.28.2024: Severe Flaws in E2EE Cloud Storage Platforms Used by Millions; ClickFix Tactic: The Phantom Meet; Firm Hacked After Accidentally Hiring North Korean Cyber Criminal, and More.

Education

Protecting Microsoft Teams From Data Exfiltration – A Tactical DLP Rule

Anatomy of a Data Breach

OpenAI Cybersecurity Research

Breach Report: Healthcare

Analysis of GalComm Chrome Extension Malware