Ghidra data type archive for Windows driver functions
Cisco Talos is releasing a GDT file on GitHub that contains various definitions for functions and data types.
Vulnerability in popular PDF reader could lead to arbitrary code execution; Multiple issues in GNOME project
Talos also discovered three vulnerabilities in Veertu’s Anka Build, a suite of software designed to test macOS or iOS applications in CI/CD environments.
Largest Patch Tuesday since July includes two exploited in the wild, three critical vulnerabilities
The two vulnerabilities that Microsoft reports have been actively exploited in the wild and are publicly known are both rated as only being of “moderate” severity.
CISA is warning us (again) about the threat to critical infrastructure networks
Despite what lessons we thought we learned from Colonial Pipeline, none of those lessons have been able to be put into practice.
Threat actor believed to be spreading new MedusaLocker variant since 2022
The malware, called "BabyLockerKZ," has primarily affected users in Europe and South America.
Are hardware supply chain attacks “cyber attacks?”
It shouldn’t just be viewed as a cybersecurity issue, because for a hardware supply chain attack, an adversary would likely need to physically infiltrate or tamper with the manufacturing process.
Simple Mail Transfer Pirates: How threat actors are abusing third-party infrastructure to send spam
Many spammers have elected to attack web pages and mail servers of legitimate organizations, so they may use these “pirated” resources to send unsolicited email.
Talos discovers denial-of-service vulnerability in Microsoft Audio Bus; Potential remote code execution in popular open-source PLC
Talos researchers have disclosed three vulnerabilities in OpenPLC, a popular open-source programmable logic controller.
Talk of election security is good, but we still need more money to solve the problem
This year, Congress only allocated $55 million in federal grant dollars to states for security and other election improvements.