In the latest Decipher Memory Safe episode, Casey Ellis, founder and CTO of Bugcrowd, talks about everything from imposter syndrome to the security concept of “building it like it’s broken.”
A new phishing campaign by a subset of the Iranian threat group Mint Sandstorm is targeting universities and research organizations with custom backdoors.
For patching, VMware said that "this situation qualifies as an emergency change."
The flaw (CVE-2023-7028) stems from the fact that user account password reset emails can be delivered to unverified email addresses.
An unidentified APT group is actively exploiting the two recently disclosed Ivanti Pulse Secure and Connect Secure vulnerabilities (CVE-2023-46805 and CVE-2024-21887).