Exploit Code Published for Ivanti Sentry Flaw

Researchers have published working exploit code for the Ivanti Sentry CVE-2023-38035 flaw.

Researchers Uncover New Lazarus Group Malware Details

The group reused its infrastructure in attacks against internet infrastructure and healthcare organizations in the U.S. and UK, allowing researchers to unearth details about its newest malware tools.

Ivanti Warns of Actively Exploited Flaw in Sentry

Ivanti on Tuesday said it “has been informed that CVE-2023-38035 was exploited after exploiting CVE-2023-35078 and CVE-2023-35081.”

Serious RCE Bug Fixed in WinRAR

The makers of WinRAR have released a new version that fixes a serious remote code execution flaw (CVE-2023-4407) in the compression utility.

Decipher Podcast: Greg Notch

At Black Hat USA, Greg Notch, CISO at Expel, talked about his previous experiences as the former NHL CISO and how to effectively communicate security risk at the board level.