CVEs

Security agency adds CVE-2012-4792 to its catalogue of known vulns and warns it can "execute arbitrary code via a crafted web site"

Threat actors use CVE-2024-38112 to bring the remains of Internet Explorer back to life as a 'zombie' hellbent on stealing valuable data.

“This could be a new era for packet rate attacks: with botnets possibly capable of issuing billions of packets per second. It could seriously challenge how anti-DDoS infrastructures are built and scaled."

Security researchers regularly chafe at the deafening silence when they report a critical vulnerability in software: White Hats simply wanting to help organisations fix their cybersecurity all too often still find themselves being ignored – or worse, threatened with legal action when trying to help publicly exposed organisations that have not

It’s that time of the month again: Microsoft has pushed out 98 security patches for January’s Patch Tuesday: 11 are critical, one CVE-2023-21674 is being actively exploited and another gives unauthenticated remote access to your SharePoint Server – and requires not just the patch but a “SharePoint upgrade action”