The Hacker News Daily Updates

Critical RCE flaw found in mv2 Javascript Sandbox.

Views expressed in this cybersecurity, cybercrime, and cyber espionage update are those of the reporters and correspondents.  Accessed on 11 October 2022, 2001 UTC. Content provided by email subscription to "The Hacker News Daily Updates."

Source:  https://mail.google.com/mail/u/0/?tab=rm&ogbl#inbox/FMfcgzGqQvvQGtFDsHXKbwVWPhCwRlzk

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts

https://www.hawaiicybersecurityjournal.net

https://paper.li/RussellRoberts (machine learning, artificial intelligence, IoT, information security)

The Hacker News Daily Updates
Newsletter
cover

Trending Evil 3 - Findings from Mandiant Managed Defense

Based on Mandiant Managed Defense Data from April - June 2022

Download NowSponsored
LATEST NEWSOct 11, 2022

Researchers Detail Critical RCE Flaw Reported in Popular vm2 JavaScript Sandbox

A now-patched security flaw in the vm2 JavaScript sandbox module could be abused by a remote adversary to break out of security barriers and perform arbitrary operations on the underlying machine. "A threat actor can bypass the sandbox protections to gain remote code execution rights on the host ...

Read More
TwitterFacebookLinkedIn

The Latest Funding News and What it Means for Cyber Security in 2023

The White House has recently announced a $1 billion cyber security grant program that is designed to help state and local governments improve their cyber defenses, especially about protecting critical infrastructure. The recent executive order stems from the $1.2 trillion infrastructure bill that ...

Read More
TwitterFacebookLinkedIn

Researchers Warn of New Phishing-as-a-Service Being Used by Cyber Criminals

Cyber criminals are using a previously undocumented phishing-as-a-service (PhaaS) toolkit called Caffeine to effectively scale up their attacks and distribute nefarious payloads. "This platform has an intuitive interface and comes at a relatively low cost while providing a multitude of features ...

Read More
TwitterFacebookLinkedIn

Fortinet Warns of Active Exploitation of Newly Discovered Critical Auth Bypass Bug

Fortinet on Monday revealed that the newly patched critical security vulnerability impacting its firewall and proxy products is being actively exploited in the wild. Tracked as CVE-2022-40684 (CVSS score: 9.6), the flaw relates to an authentication bypass in FortiOS, FortiProxy, and ...

Read More
TwitterFacebookLinkedIn

Researchers Detail Malicious Tools Used by Cyber Espionage Group Earth Aughisky

A new piece of research has detailed the increasingly sophisticated nature of the malware toolset employed by an advanced persistent threat (APT) group named Earth Aughisky. "Over the last decade, the group has continued to make adjustments in the tools and malware deployments on specific targets ...

Read More
TwitterFacebookLinkedIn
cover

Trending Evil 3 - Findings from Mandiant Managed Defense

Based on Mandiant Managed Defense Data from April - June 2022

Download NowSponsored

Comments

Popular posts from this blog

SecurityWeek Briefing.

Cyber War Newswire

SecurityWeek Briefing.