This vulnerability allows local attackers to escalate privileges to SYSTEM level through a heap-based buffer overflow. With a CVSS score of 7.8, CVE-2024-38054 is a critical flaw patched by Microsoft in July.
Cyware News – Latest Cyber News – Read More
Meta platforms, alongside Telegram, are among the growing number of sites used as a form of contact in 45% of scams.
Latest stories for ZDNET in Security – Read More
Ticket scams are costing football fans close to £200 a season, on average, according to a report.
darkreading – Read More
Post Content
darkreading – Read More
The release of new NIST quantum-proof cryptography standards signals it’s time for cybersecurity teams to get serious about preparing for the rise of quantum threats.
darkreading – Read More
The disclosure of CVE-2024-28987 means that, in two weeks, there have been two critical bugs and corresponding patches for SolarWinds’ less-often-discussed IT help desk software.
darkreading – Read More
The malware is a customized variant of the powerful open source XenoRAT information stealing malware often deployed by Kimsuky and other DPRK APTs.
darkreading – Read More
A new malware called NGate allows cybercriminals to steal near field communication data from Android phones via sophisticated social engineering. The data is relayed to the fraudsters before being used to steal cash.
Security | TechRepublic – Read More
This malware allows attackers to emulate victims’ cards, enabling them to make unauthorized payments or withdraw cash from ATMs. The campaign has been active since November 2023.
Cyware News – Latest Cyber News – Read More