Vulnerabilities - Tagged - Security Boulevard

$3 Million Cryptocurrency Heist Stemmed from a Malicious GitHub Commit

| | Vulnerabilities
SushiSwap's MISO cryptocurrency platform suffered a $3 million theft resulting from a software supply-chain attack, as I reported on Friday ...

OMIGOD! Microsoft Secretly Installed an Open Source Agent with Critical Vulnerabilities on Thousands of Linux VMs

| | Vulnerabilities
In a rather appalling discovery, Microsoft has now released patches for critical vulnerabilities in its Open Management Infrastructure (OMI) software agent which had been silently installed on Azure Linux VMs ...

Cyber Mayhem – Attackers Actively Exploit Vulnerable Confluence Servers, while 500,000 Fortinet VPNs See Passwords Leaked

| | FEATURED, Vulnerabilities
Last week was all about patching severe zero-days in leading products from Atlassian Confluence to Fortinet devices to Microsoft Office—all of which are being actively exploited ...
Microsoft Zero-Day-of-the-Month Club

Microsoft Zero-Day-of-the-Month Club

When it comes to zero day attacks against Microsoft products, I often feel like Bill Murray’s character in the movie Groundhog Day. It seems like I keep waking up to the same ...
THREAT ALERT: Microsoft MSHTML Remote Code Execution Vulnerability

THREAT ALERT: Microsoft MSHTML Remote Code Execution Vulnerability

The Cybereason Global Security Operations Center (SOC) issues Cybereason Threat Alerts to inform customers of emerging impacting threats. The Alerts summarize these threats and provide practical recommendations for protecting against them ...
CISO Stories Podcast: The Unpatchable Vulnerability that is Human Nature

CISO Stories Podcast: The Unpatchable Vulnerability that is Human Nature

Rachel Tobac, CEO of SocialProof Security, delves into the inner-workings of social engineering exploits where she leverages her background in neuroscience and behavioral psychology to exploit the unpatchable vulnerability that is human ...

From Feature to Vulnerability: a spring-security-oauth2-client Story

Spring Security provides security services for the Spring IO Platform, available on their Github repository. Today we focus on the “oauth2” client, which provides an application with the capability to have users ...
BlackBerry QNX Vulnerability Highlights Lurking Issues with IOT Security

BlackBerry QNX Vulnerability Highlights Lurking Issues with IOT Security

BlackBerry revealed that its QNX operating system is vulnerable to the BadAlloc flaw revealed earlier this year. QNX is an embedded systems operating system that can be found in hundreds of millions ...