article thumbnail

Fat Patch Tuesday, February 2024 Edition

Krebs on Security

Top of the heap on this Fat Patch Tuesday is CVE-2024-21412 , a “security feature bypass” in the way Windows handles Internet Shortcut Files that Microsoft says is being targeted in active exploits. Microsoft Corp. msi) that in turn unloads a remote access trojan (RAT) onto infected Windows systems.

article thumbnail

The Top 24 Security Predictions for 2024 (Part 1)

Lohrman on Security

Where next for cyber in 2024? Here’s your annual roundup of cybersecurity forecasts, top cyber trends and cybersecurity industry prediction reports as we head into calendar year 2024.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

The Top 24 Security Predictions for 2024 (Part 2)

Lohrman on Security

Where next for cyber in 2024? Here’s part two of your annual roundup of cybersecurity forecasts, top cyber trends and cybersecurity industry prediction reports as we head into calendar year 2024.

article thumbnail

CVE-2024-22860 & CVE-2024-22862: Critical FFmpeg Remote Code Execution Flaws

Penetration Testing

Discovered through Google’s OSS-Fuzz service, three security vulnerabilities have been identified in its systems, two of which... The post CVE-2024-22860 & CVE-2024-22862: Critical FFmpeg Remote Code Execution Flaws appeared first on Penetration Testing.

article thumbnail

NGINX Releases Urgent Patch for HTTP/3 Vulnerabilities (CVE-2024-24989, CVE-2024-24990)

Penetration Testing

to address two critical vulnerabilities (CVE-2024-24989, CVE-2024-24990) lurking within its experimental HTTP/3 implementation. While this newer, faster protocol... The post NGINX Releases Urgent Patch for HTTP/3 Vulnerabilities (CVE-2024-24989, CVE-2024-24990) appeared first on Penetration Testing.

article thumbnail

Securing Tomorrow: Cybersecurity Review 2023 & Forecasting 2024 Threats – A Free Webinar With Joseph Steinberg and Dror Liwer

Joseph Steinberg

They will then shift our focus to the future, and help us forecast for 2024 with a forward-thinking exploration of anticipated cybersecurity challenges and advancements. Steinberg and Liwer will analyze the potential impact of emerging technologies, legislative changes, and geopolitical events on the cybersecurity landscape.

article thumbnail

CVE-2024-0985: PostgreSQL’s Critical Security Flaw Exposed

Penetration Testing

This vulnerability, designated CVE-2024-0985 (CVSS 8.0), could allow attackers to execute malicious code with... The post CVE-2024-0985: PostgreSQL’s Critical Security Flaw Exposed appeared first on Penetration Testing.