local
-
Get stories like these delivered straight to your inbox. Sign up for The 74 Newsletter
-
Many local cyber budgets sufficient to address threats, report shows | StateScoop Skip to main content
-
Edward Amoroso [Editor’s note: This article is a guest post by TAG CEO and founder Ed Amoroso.]
-
Russia’s Federal Security Service (FSB) announced that it had detained a Moscow resident for conducting distributed denial-of-service (DDoS) attacks during local elections in September, targeting infrastructure in the capital and the Moscow region.
-
Ukraine is confronting a new cyberattack vector from Russian military intelligence (GRU) connected hackers that is targeting local governments. The Computer Emergency Response Team of Ukraine (CERT-UA) recently uncovered an advanced phishing campaign by the Russian GRU-linked APT28, or “Fancy Bear.” Using a novel approach, attackers lure recipients into executing malicious PowerShell commands directly from…
-
We thought “yellow journalism” was bad. Now, so-called “pink slime” news sites peddling politically biased stories and misinformation are filling an information void left by a US local news industry in rapid decline. What can be done to protect consumers and the integrity of online news in this environment? And how much of a threat…
-
Blog: Vulnerability Advisory TL;DR Nginx container on Milesight DeviceHub includes MQTT private key store Can download MQTT private keys across network Milesight eventually responded and issued a firmware update Unauthenticated local file disclosure on Milesight DeviceHub CVSS: 6.5 (Medium) CVSS:3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N Product: DeviceHub LNS Vulnerable Version: 1.0.1 Fixed Version: 1.0.3 CVE-2024-46530 An unauthenticated local file…
-
In July, Progress, a used-clothes trader, disembarked from his bus at Pretoria’s main station. The night was dark, and he knew that violent assault was a serious risk in the South African capital.
-
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Deep Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
-
Human Rights Watch (HRW) called on the Tanzanian government on Wednesday to address the increasing human rights violations ahead of local elections in mainland Tanzania scheduled for November 27, 2024.
-
=============================================================================================================================================| # Title : TerraMaster TOS 4.2.29 Code Injection Vulnerability || # Author : indoushka || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 130.0.2 (64 bits) || # Vendor : https://www.terra-master.com/global/alltos/ |=============================================================================================================================================
-
SEC Consult Vulnerability Lab Security Advisory < 20241009-0 >=======================================================================title: Local Privilege Escalation via MSI installerproduct: Palo Alto Networks GlobalProtectvulnerable version: 5.1.x, 5.2.x, 6.0.x, 6.1.x, <6.2.5, 6.3.xfixed version: >=6.2.5, all other versions are not patched yetCVE number: CVE-2024-9473impact: highhomepage: https://docs.paloaltonetworks.com/globalprotectfound: 2023-11-16by: Michael Baer (Office Fürth)SEC Consult Vulnerability Lab
-
SSA-426509 V1.0: Multiple Local Code Execution Vulnerabilities in Questa and ModelSim Before V2024.3
·
TERMS OF USE Siemens Security Advisories are subject to the terms and conditions contained in Siemens’ underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter “License Terms”). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens’…
-
When we think of casinos, glitz, and glamour often steal the spotlight. Yet beneath the surface lies a complex web of economic impacts that ripple through local communities. Casinos can be powerful engines for economic growth, offering jobs, boosting tourism, and generating tax revenue. However, they also bring challenges like increased crime rates and potential…
-
Security researcher mbog14 has published the technical details and proof-of-concept for a critical local privilege escalation (LPE) vulnerability affecting iTunes version 12.13.2.3, identified as CVE-2024-44193 (CVSS 8.4). This flaw, which has since been patched by Apple as of September 12, 2024, allows an attacker to gain SYSTEM-level access on Windows machines through an exploit involving…
-
SEC Consult Vulnerability Lab Security Advisory < 20240930-0 >=======================================================================title: Local Privilege Escalation via MSI Installerproduct: Nitro PDF Provulnerable version: <14.26.1.0<13.70.8.82fixed version: 14.26.1.0 or higher13.70.8.82 or higherCVE number: CVE-2024-35288impact: highhomepage: https://www.gonitro.com/found: 2023-12-19by: Sandro EinfeldtMichael Baer (Office Munich)SEC Consult Vulnerability Lab
-
In a significant development for the cybersecurity community, researchers have published technical details and a proof-of-concept (PoC) exploit for a newly identified vulnerability in the Linux kernel, designated as CVE-2024-26808. This critical flaw affects Linux kernel versions from v5.9 to v6.6 and has been addressed in a recent commit to the kernel’s codebase.
-
In a significant development for the cybersecurity community, researchers have published technical details and a proof-of-concept (PoC) exploit for a newly identified vulnerability in the Linux kernel, designated as CVE-2024-26808. This critical flaw affects Linux kernel versions from v5.9 to v6.6 and has been addressed in a recent commit to the kernel’s codebase.
-
SecurityWeek reports that updates have been released by ESET for a pair of local privilege escalation flaws in its offerings for Windows and macOS.