Security Intelligence

U.S. proposes ban on Chinese/Russian connected vehicles

White House proposes a ban on the import and sale of connected vehicles built by companies with a Chinese or Russian...

Security Intelligence

Another critical vulnerability in Ivanti CSA exploited

Ivanti is reporting that a new vulnerability in its Cloud Service Appliance (CSA) is being actively exploited in the...

Security Intelligence

GitLab patches max-severity authentication bypass vulnerability

GitLab has released an update to address a maximum-severity SAML vulnerability in self-managed deployments.

Security Intelligence

FBI derails Chinese ‘Raptor Train’

FBI dismantles massive China-linked botnet, dubbed ‘Raptor Train’, consisting of 260,000+ compromised small office/home...

Security Intelligence

Lazarus targets aerospace and energy job seekers

Lazarus once again leveraging job-themed attack vector to target job seekers in the energy and aerospace industry.

Security Intelligence

SolarWinds patches two Access Rights Manager vulnerabilities

SolarWinds releases updates to address two vulnerabilities in its Access Rights Manager (ARM) software.

Security Intelligence

Exploit available for critical Ivanti EPM vulnerability, patch now

Proof-of-concept (PoC) exploit code for a critical vulnerability in Ivanti’s Endpoint Management (EPM) software...

Security Intelligence

High-severity vulnerability in Ivanti Cloud Service actively exploited

Recently patched high-severity vulnerability in its Ivanti CSA actively exploited by threat actors to conduct remote...

Security Intelligence

Malware annoys victims into giving up Google password

New Amadey malware designed to annoy and frustrate victims into giving up Google credentials.

Security Intelligence

GitLab patches highly critical pipeline job execution flaw

GitLab has released updates to address multiple recently discovered vulnerabilities, one of which is highly critical...

Security Intelligence

Lazarus tricks job seeking developers with malware-laced coding test

Lazarus tricks job seeking developers into completing coding test containing malware.

Security Intelligence

Microsoft patches critical Windows 10 ‘Downdate’ flaw

A new Microsoft patch addresses the zero-day vulnerability, CVE-2024-43491, that affects Servicing Stack, the component...