!security
@lemmy.mlhttps://www.youtube.com/watch?v=Rg_VPMT0XXw
Auf YouTube findest du die angesagtesten Videos und Tracks. Außerdem kannst du eigene Inhalte hochladen und mit Freunden oder gleich der ganzen Welt teilen.
https://xcancel.com/_markel___/status/1828112469010596347
https://wihkum.com/
Wihkum provides mobile safety solutions for schools. Our crisis management software ensures student safety. Request a free demo!
https://cybersecuritynews.com/onnx-bot-hijacks-microsoft-365-accounts-even-bypass-2fa/
https://iverify.io/blog/iverify-discovers-android-vulnerability-impacting-millions-of-pixel-devices-around-the-world
iVerify discovered an Android package, with excessive system privileges on a very large percentage of Pixel devices shipped worldwide.
https://thehackernews.com/2024/08/0000-day-18-year-old-browser.html
Critical 0.0.0.0 Day browser vulnerability discovered, impacting Chrome, Firefox, Safari. Exploits local networks on MacOS and Linux
https://www.microsoft.com/en-us/security/blog/2024/07/29/ransomware-operators-exploit-esxi-hypervisor-vulnerability-for-mass-encryption/
Microsoft Security researchers have observed a vulnerability used by various ransomware operators to get full administrative access to domain-joined ESXi hypervisors and encrypt the virtual machines running on them. The vulnerability involves creating a group called “ESX Admins” in Active Directory and adding an attacker-controlled user account to this group. This manipulation of the Active Directory group takes advantage of a privilege escalation vulnerability (CVE-2024-37085) in ESXi hypervisors that grants the added user full administrative access to the ESXi hypervisor. The vulnerability was fixed by VMware in their June release and ESXi administrators should install this security update.
https://www.bleepingcomputer.com/news/security/signal-downplays-encryption-key-flaw-fixes-it-after-x-drama/
https://github.com/cve-search/vulnerability-lookup/
Vulnerability Lookup facilitates quick correlation of vulnerabilities from various sources, independent of vulnerability IDs, and streamlines the management of Coordinated Vulnerability Disclosure ...