October 10, 2023 at 10:48AM – SAP Releases 7 New Notes on October 2023 Patch Day

October 10, 2023 at 10:48AM German software maker SAP has released a total of seven new and two updated security notes as part of its October 2023 Security Patch Day. The most severe note updates the Chromium browser in SAP Business Client, fixing 37 vulnerabilities, including two critical ones. One critical flaw, CVE-2023-4863, is already … Read more

October 10, 2023 at 08:24AM – Researcher Conversations: Natalie Silvanovich From Google’s Project Zero

October 10, 2023 at 08:24AM Natalie Silvanovich, a member of Google’s Project Zero, discusses her work in finding and fixing zero-day vulnerabilities. Project Zero aims to make zero-day vulnerabilities difficult to exploit by attackers. Silvanovich explains the team’s disclosure policy, research process, and the necessary skills for being a successful researcher. She also touches on … Read more

October 9, 2023 at 10:26PM – Electric Power System Cybersecurity Vulnerabilities

October 9, 2023 at 10:26PM The electric power industry is facing increasing cyber threats due to digitalization and the interconnectedness of IT and OT systems. A webinar by Trend Micro discussed these challenges and provided solutions, including improving employee security awareness, job rotation between IT and OT departments, and automation of incident response. The webinar … Read more

October 9, 2023 at 04:11PM – ‘Looney Tunables’ Linux Flaw Sees Snowballing Proof-of-Concept Exploits

October 9, 2023 at 04:11PM Proof-of-concept (PoC) exploits for the critical buffer overflow vulnerability in the GNU C Library (glibc) have been developed, putting Linux systems at risk. The flaw, disclosed by Qualys researchers, could lead to unauthorized data access and system alterations, potentially granting attackers root privileges. Linux root takeovers are highly dangerous as … Read more