Video: How propaganda can spread on social media via memes, fake news
In this video, we'll look at a few examples of what essentially equates to propaganda spreading across social media, leading to false stories, headlines, posts and the continued degradation of the meaning of "truth."
Vulnerability Spotlight: Multiple issues in Robustel R1510 cellular router could lead to code execution, denial of service
Cisco Talos recently discovered nine vulnerabilities in the Robustel R1510 industrial cellular router, several of which could allow an adversary to inject operating system code remotely.
Microsoft Patch Tuesday for October 2022 — Snort rules and prominent vulnerabilities
Microsoft released its monthly security update Tuesday, disclosing 83 vulnerabilities across the company’s hardware and software line.
Vulnerability Spotlight: Data deserialization in VMware vCenter could lead to remote code execution
Marcin “Icewall” Noga of Cisco Talos discovered this vulnerability. Cisco Talos recently discovered an exploitable data deserialization vulnerability in the VMware vCenter server platform. VMware is one of the most popular virtual machine solutions currently available, and its
Threat Source newsletter (Oct. 6, 2022) — Continuing down the Privacy Policy rabbit hole
Any time we welcome this software and hardware into our homes and on our devices, it’s worth considering what sacrifices we might be making elsewhere.
Researcher Spotlight: Globetrotting with Yuri Kramarz
“You have completely different angles in preparing different customers for defense during major global events depending on their role, technology and function,” Kramarz said.
Threat Source newsletter (Sept. 29, 2022) — Personal health apps are currently under a spotlight, but their warning signs have always been there
A report from the Washington Post also released last week found that this app, as well as popular health sites like WebMD, “gave advertisers the information they’d need to market to people, or groups of consumers based on their health concerns.”
Threat Source newsletter (Sept. 22, 2022) — Attackers are already using student loan relief for scams
The Better Business Bureau and the U.S. Federal Trade Commission both released warnings over the past few weeks around fake offers, scams and website links related to the debt forgiveness plan, with which some borrowers will have up to $20,000 worth of loans forgiven.
Vulnerability Spotlight: Vulnerabilities in popular library affect Unix-based devices
TALOS-2022-1517 (CVE-2022-29503 - CVE-2022-29504) is a memory corruption vulnerability in uClibC and uClibc-ng that can occur if a malicious user repeatedly creates threads.