CVE-2023-23504: Apple Just Patched 19-Year-Old Kernel Vulnerability
This professor at Arizona State University maybe sounds a little too excited in their January 23rd research announcement: [Found a] heap underwrite vulnerability in XNU’s dlil.c (which handles network interfaces)…
Automation and Scalability in Red Team Assessments
Introduction: Red team assessments are a crucial component of an organization’s overall security posture, but the manual process of conducting these assessments can be time-consuming and resource-intensive. This is where…
How Does Data Recovery Works
Here, I will show you how data recovery works. A system may encounter data loss due to several reasons. It could be due to accidental deletion, overwriting, power outages, or…
Apple’s growth story is consistent and sustained
No matter the recent issues with Apple’s supply chain, the war in Ukraine, and COVID-19, when you zoom out, you’ll see a bigger picture of success for the company. It’s…
Experts warn of two flaws in popular open-source software ImageMagick
Experts disclosed details of two security flaws in the open-source software ImageMagick that could potentially lead to information disclosure or trigger a DoS condition. Researchers at Metabase Q discovered a couple of…
Romance fraud losses rose 91% during the pandemic, claims UK’s TSB bank
UK banking group TSB is calling on social networks and dating apps to better protect their users from fake profiles, following an alarming spike in romance fraud. Examining data from…
New HeadCrab Malware Hijacks 1,200 Redis Servers
Since September 2021, over a thousand vulnerable Redis servers online have been infected by a stealthy malware dubbed “HeadCrab”, designed to build a botnet that mines Monero cryptocurrency. At least…
NTT, Palo Alto partner for managed SASE with AIOps
Using a managed services provider to deliver SASE can streamline deployment and free up enterprise resources.
New Russian-Backed Gamaredon’s Spyware Variants Targeting Ukrainian Authorities
The State Cyber Protection Centre (SCPC) of Ukraine has called out the Russian state-sponsored threat actor known as Gamaredon for its targeted cyber attacks on public authorities and critical information infrastructure in…
What SOCs Need to Know About Water Dybbuk, A BEC Actor Using Open-Source Toolkits
We analyze a BEC campaign targeting large companies around the world that was leveraging open-source tools to stay under the radar.