Please turn on your JavaScript for this page to function normally.
Logging Made Easy
Logging Made Easy: Free log management solution from CISA

CISA launched a new version of Logging Made Easy (LME), a straightforward log management solution for Windows-based devices that can be downloaded and self-installed for free. …

cybersecurity cheat sheets
10 essential cybersecurity cheat sheets available for free

Cheat sheets are concise, to-the-point references tailored for instant insights. This article provides a curated list of 10 essential cybersecurity cheat sheets, all free to …

patch tuesday
Microsoft fixes exploited WordPad, Skype for Business zero-days (CVE-2023-36563, CVE-2023-41763)

On this October 2023 Patch Tuesday, Microsoft has released 103 patches and has fixed three actively exploited vulnerabilities (CVE-2023-36563, CVE-2023-41763, CVE-2023-44487). …

malware
Fake Bitwarden installation packages delivered RAT to Windows users

Windows users looking to install the Bitwarden password manager may have inadvertently installed a remote access trojan (RAT). The ZenRAT malware A malicious website spoofing …

Kubernetes
Kubernetes vulnerability allows RCE on Windows endpoints (CVE-2023-3676)

Three high-severity Kubernetes vulnerabilities (CVE-2023-3676, CVE-2023-3893, CVE-2023-3955) could allow attackers to execute code remotely and gain control over all Windows …

LockBit leaks sensitive data from maximum security fence manufacturer

The LockBit ransomware group has breached Zaun, a UK-based manufacturer of fencing systems for military sites and critical utilities, by compromising a legacy computer running …

WinRAR
Attackers exploited WinRAR zero-day for months to steal money from brokers (CVE-2023-38831)

Financially-motivated attackers have exploited a zero-day vulnerability in WinRAR (CVE-2023-38831) to trick traders into installing malware that would allow them to steal …

WinRAR
WinRAR vulnerable to remote code execution, patch now! (CVE-2023-40477)

RARLAB has fixed a high-severity RCE vulnerability (CVE-2023-40477) in the popular file archiver tool WinRAR. About CVE-2023-40477 A widely used Windows-only utility, WinRAR …

Stremio
CyFox disclose Stremio vulnerability, developers don’t agree on findings

UPDATE: August 2, 10:21 AM PT The Stremio team published a blog post saying that they’ve received a report from CyFox, but that they did not consider it valid, so they …

patch tuesday
Microsoft patches four exploited zero-days, but lags with fixes for a fifth (CVE-2023-36884)

For July 2023 Patch Tuesday, Microsoft has delivered 130 patches; among them are four for vulnerabilites actively exploited by attackers, but no patch for CVE-2023-36884, an …

Cisco
PoC exploit released for Cisco AnyConnect, Secure Client vulnerability (CVE-2023-20178)

Proof-of-concept (PoC) exploit code for the high-severity vulnerability (CVE-2023-20178) in Cisco Secure Client Software for Windows and Cisco AnyConnect Secure Mobility …

patch tuesday
June 2023 Patch Tuesday: Critical patches for Microsoft Windows, SharePoint, Exchange

For June 2023 Patch Tuesday, Microsoft has delivered 70 new patches but, for once, none of the fixed vulnerabilities are currently exploited by attackers nor were publicly …

Don't miss

Cybersecurity news