trivial

  • A pair of newly-disclosed vulnerabilities in a widely-used remote desktop access application beloved of managed services providers (MSPs) is drawing comparisons to the July 2021 cyber attack on Kaseya, with security experts describing exploitation as trivial.

    Read More

  • Update February 14, 16:50 EST: Article and title revised after Microsoft retracted the “active exploitation” update added to the CVE-2024-21413 advisory. Microsoft says remote unauthenticated attackers can trivially exploit a critical Outlook security vulnerability that also lets them bypass the Office Protected View. Discovered by Check Point vulnerability researcher Haifei Li and tracked as CVE-2024-21413, this…

    Read More

  • Anti-analysis features in phishing pages – especially in those, which threat actors send out as e-mail attachments – are nothing new[1,2]. Nevertheless, sometimes the way that these mechanisms are implemented may still leave one somewhat mystified. This has happened to me a few weeks ago when I found what appeared to be a generic phishing…

    Read More

  • Researchers from the University of Maryland (UMD) were able to easily evade the current methods of AI watermarking during testing and found it even easier to add fake emblems to images that weren’t generated by AI. “But beyond testing how easy it is to evade watermarks, one UMD team notably developed a watermark that is…

    Read More