Two flaws in Apache SuperSet allow to remotely hack servers
A couple of security vulnerabilities in Apache SuperSet could be exploited by an attacker to gain remote code execution on…
Security
The Hacker Tool to Get Personal Data from Credit Bureaus
The new site 404 Media has a good article on how hackers are cheaply getting personal information from credit bureaus:…
Chinese cyberspies obtained Microsoft signing key from Windows crash dump due to a mistake
Microsoft revealed that the Chinese group Storm-0558 stole a signing key used to breach government email accounts from a Windows…
Google addressed an actively exploited zero-day in Android
Google released September 2023 Android security updates to address multiple flaws, including an actively exploited zero-day. Google released September 2023…
A zero-day in Atlas VPN Linux Client leaks users’ IP address
Experts warn of an Atlas VPN zero-day flaw impacting the Linux client that can reveal the user’s IP address by…
Weekly Update 363
Presently sponsored by: Fastmail. Check out Masked Email, built with 1Password. One click gets you a unique email address for…
Mysterious Hackers Targeted Space Telescopes
Recent cyber attacks on major astronomy observatories have cast a dark shadow over our attempt to unravel the mysteries of…
MITRE and CISA release Caldera for OT attack emulation
MITRE and CISA released a Caldera extension for OT that allows the emulation of attacks on operational technology systems. MITRE…
Cryptocurrency Startup Loses Encryption Key for Electronic Wallet
The cryptocurrency fintech startup Prime Trust lost the encryption key to its hardware wallet—and the recovery key—and therefore $38.9 million.…
ASUS routers are affected by three critical remote code execution flaws
Three critical remote code execution vulnerabilities in ASUS routers potentially allow attackers to hijack the network devices. ASUS routers RT-AX55,…