ENISA: Software vulnerability prevention initiatives
The European Network and Information Security Agency, ENISA, has compiled a list of existing initiatives focused on finding and preventing software vulnerabilities.
Similar Posts
Loan applications, drivers licences, personal data of 440k Aussies exposed after hacker hits Sydney finance tech company youX
Bys sEmma Kirk reports: A hacker has exposed personal data belonging to hundreds of thousands of Australians it allegedly stole from a Sydney finance technology company. Finance platform youX confirmed its systems were accessed by an unauthorised third party during a cyber security incident last week. […] A hacker has claimed to have stolen the personal……
BatShadow Group Uses New Go-Based ‘Vampire Bot’ Malware to Hunt Job Seekers
Bys sA Vietnamese threat actor named BatShadow has been attributed to a new campaign that leverages social engineering tactics to deceive job seekers and digital marketing professionals to deliver a previously undocumented malware called Vampire Bot. “The attackers pose as recruiters, distributing malicious files disguised as job descriptions and corporate documents,” Aryaka Threat Research Labs
Exploit Code Published for Potentially Dangerous Windows LDAP Vulnerability
Proof-of-concept (PoC) code was published for CVE-2024-49113, a denial-of-service (DoS) vulnerability in Windows LDAP. The post Exploit Code Published for Potentially Dangerous Windows LDAP Vulnerability appeared first on SecurityWeek.
Silent Lynx Using PowerShell, Golang, and C++ Loaders in Multi-Stage Cyberattacks
Bys sA previously undocumented threat actor known as Silent Lynx has been linked to cyber attacks targeting various entities in Kyrgyzstan and Turkmenistan. “This threat group has previously targeted entities around Eastern Europe and Central Asian government think tanks involved in economic decision making and banking sector,” Seqrite Labs researcher Subhajeet Singha said in a technical…
Four Threat Clusters Using CastleLoader as GrayBravo Expands Its Malware Service Infrastructure
Bys sFour distinct threat activity clusters have been observed leveraging a malware loader known as CastleLoader, strengthening the previous assessment that the tool is offered to other threat actors under a malware-as-a-service (MaaS) model. The threat actor behind CastleLoader has been assigned the name GrayBravo by Recorded Future’s Insikt Group, which was previously tracking it as…
Hacker Used Anthropic’s Claude to Steal Sensitive Mexican Data
Bys sAndrew Martin and Caroline Millan report: A hacker exploited Anthropic PBC’s artificial intelligence chatbot to carry out a series of attacks against Mexican government agencies, resulting in the theft of a huge trove of sensitive tax and voter information, according to cybersecurity researchers. The unknown Claude user wrote Spanish-language prompts for the chatbot to act as……