While IT automation is growing, big challenges remain. Chris Hass, director of information security and research at Automox, discusses how the future looks.
The ‘TLStorm’ vulnerabilities, found in APC Smart-UPS products, could allow attackers to cause both cyber and physical damage by taking down critical infrastructure.
A missing check allows unprivileged attackers to escape containers and execute arbitrary commands in the kernel.
Researchers have discovered how to remotely manipulate the Amazon Echo through its own speakers.
The move comes just a week after GPU-maker NVIDIA was hit by Lapsus$ and every employee credential was leaked.
Nvidia certificates are being used to sign malware, enabling malicious programs to pose as legitimate and slide past security safeguards on Windows machines.
Both vulnerabilities are use-after-free issues in Mozilla’s popular web browser.
Notes threatening to tank targeted companies’ stock price were embedded into the DDoS ransomware attacks as a string_of_text directed to CEOs and webops_geeks in the URL.
Cruddy cryptography means victims whose files have been encrypted by the Ukraine-tormenting ransomware can break the chains without paying extortionists.
A military email address was used to distribute malicious email macros among EU personnel helping Ukrainians.