Inconsistencies in the Common Vulnerability Scoring System (CVSS)
Interesting research: Shedding Light on CVSS Scoring Inconsistencies: A User-Centric Study on Evaluating Widespread Security Vulnerabilities Abstract: The Common Vulnerability…
Security
A massive DDoS attack took down the site of the German financial agency BaFin
A distributed denial-of-service (DDoS) attack took the site of the German Federal Financial Supervisory Authority (BaFin) down. A distributed denial-of-service…
X will collect biometric data from its premium users
The social media site X announced that it will collect premium users’ biometric data for security and identification purposes. The…
“Smishing Triad” Targeted USPS and US Citizens for Data Theft
Resecurity has identified a large-scale smishing campaign, tracked as Smishing Triad, targeting the US Citizens. Earlier episodes have revealed victims…
Publicly available Evil_MinIO exploit used in attacks on MinIO Storage Systems
A threat actor was spotted exploiting MinIO storage system vulnerabilities to execute arbitrary code on affected servers. Security Joes researchers…
University of Sydney suffered a security breach caused by a third-party service provider
The University of Sydney (USYD) suffered a security breach caused by a third-party service provider that exposed personal information of…
Cybercrime will cost Germany $224 billion in 2023
Cybercrime will cost Germany 206 billion euros ($224 billion) in 2023, German digital association Bitkom told Reuters. According to the…
THREAT ADVISORY: Zero-Day Vulnerabilities Detected on WinRAR
Zero-day vulnerabilities represent an imminent threat to cybersecurity, and in this case, two such vulnerabilities, CVE-2023-38831 and CVE-2023-40477,… The post…
PoC exploit code released for CVE-2023-34039 bug in VMware Aria Operations for Networks
Researcher released PoC exploit code for a recent critical flaw (CVE-2023-34039) in VMware Aria Operations for Networks. At the end…
Security Affairs newsletter Round 435 by Pierluigi Paganini – International edition
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free…