News • Insights • Analysis
On August 8, 2023, Microsoft finally released a kernel patch for a class of vulnerabilities affecting Microsoft Windows since 2015. The vulnerabilities lead to elevation of privilege (EoP), which allows an account with user rights to gain SYSTEM privileges on Read More …
Two years ago, the Irish government fixed a vulnerability in its national COVID-19 vaccination portal that exposed the vaccination records of around a million residents. But details of the vulnerability weren’t revealed until this week after attempts to coordinate public Read More …
The Cybercrime Atlas, a massive undertaking that aims to disrupt cybercriminals across the globe, enters its operational phase in 2024, two years after organizers laid the groundwork at the RSA Conference.… Its members now include 20-plus law enforcement agencies, private-sector Read More …
As businesses look for faster and more flexible development frameworks, the use of containers and Kubernetes (K8s) continues to rise. While Kubernetes theoretically has several security advantages compared to traditional applications, it remains one of the top concerns for organizations Read More …
On Thursday (14 March 2024), NATO’s Defence Innovation Accelerator for the North Atlantic (DIANA) announced a major expansion of its transatlantic network of accelerator sites and test centres. DIANA’s network will now comprise 23 accelerator sites (up from 11) and Read More …
The CIA allegedly launched a secret operation to troll Chinese officials and turn public opinion against them through leaked intelligence and negative news on social media. Reuters reports the operation began in 2019 and was also aimed at causing paranoia Read More …
“Malvertising” is a popular way of attracting victims to malicious sites: an advertisement block is placed at the top of the search results, increasing the likelihood of users clicking the link. Sites at the top of search results also tend Read More …
The Zero Day Initiative (ZDI) recently uncovered a DarkGate campaign in mid-January 2024, which exploited CVE-2024-21412 through the use of fake software installers. During this campaign, users were lured using PDFs that contained Google DoubleClick Digital Marketing (DDM) open redirects Read More …
The European Parliament has passed its long awaited AI act that it hopes will provide the legal infrastructure for regulating artificial intelligence. While AI has contributed massively to increases in productivity and has resulted in major innovations in critical industries Read More …
A Chinese international purchasing agency has had its purchasing agency qualification revoked for serious risk of information leakage due to the company’s internal mismanagement and poor practices around managing sensitive data, the Equipment Development Department (EDD) of China’s Central Military Read More …
