Vulnerability ManagementCertiK researchers accused of stealing $3M before reporting crypto bugLaura FrenchJune 20, 2024Kraken Exchange’s CSO claims the researchers used its bug bounty program to extort the company.
Vulnerability ManagementPhoenix SecureCode UEFI firmware bug could affect millions of Intel-based laptopsSteve ZurierJune 20, 2024Flaw could cause buffer overflow and malicious code execution.
Network SecurityVMware fixes 2 critical bugs; check if your vCenter Server is affectedLaura FrenchJune 18, 2024The heap overflow flaws affect vSphere and Cloud Foundation and could enable RCE.
Network SecurityWidespread severe Asus router vulnerabilities addressedSC StaffJune 18, 2024Updates have been issued by Asus to remediate critical vulnerabilities impacting several of its router models, according to Ars Technica.
Network SecuritySpeculative ‘TikTag’ vulnerability leaves ARM processors open to attackShaun NicholsJune 17, 2024A newly detailed speculative attack vulnerability could leave devices using ARM CPUs more vulnerable to attack.
Vulnerability ManagementTrust in Microsoft, Apple, and the Holy AI, Moonstone Sleet, Cheating, Joshua Marpet – SWN #393June 14, 2024Trust in Microsoft, Apple, and the Holy AI, Amen, Moonstone Sleet, Cheating, Joshua Marpet, and More, on this edition of the Security Weekly News.
Vulnerability ManagementThree ways to jump-start a vulnerability management team Shaun Kummer June 14, 2024By investing in people, streamlining processes, and consolidating tools, companies can jump-start their vulnerability management teams.
RansomwareBlack Basta exploits patched Windows privilege escalation bugSteve ZurierJune 12, 2024Security pros say while the bug was patched, many companies likely have not patched it because the bug had a CVSS score below 8.