Article

Articles about computers, malicious software and recent computer news.

malware

US warns against active abuse of Dirty Pipe leak in Linux

The US government has issued a warning that attackers are actively exploiting the Dirty Pipe vulnerability in Linux. The vulnerability allows a local user to gain root privileges. Government agencies in the US have been instructed to fix the vulnerability in their systems before May 16.

malware

EFF: Anonymous Twitter Accounts Are Essential for Users

The ability to be anonymous on Twitter is essential for users and an important part of freedom of expression, the EFF believes. The American civil rights movement is concerned that new owner Elon Musk does not fully appreciate the human rights value of pseudonymous speech.

malware

British government discovers new variant of spy malware SparrowDoor

Last year, the UK’s National Cyber ​​Security Center (NCSC) found a variant of the spy malware SparrowDoor on an undisclosed UK network. An analysis of the variant was published today, which can now steal data from the clipboard, among other things. In addition, indicators of compromise and Yara rules have been made available that allow …

British government discovers new variant of spy malware SparrowDoor Read More »

malware

NCSC: logging in with password is the most insecure form of authentication

Logging in with a username and password is the most insecure form of authentication. Organizations that want to better protect their accounts are therefore advised to choose stronger authentication methods, such as two-factor authentication (2FA) and the FIDO2 standard from the FIDO Alliance. This is stated by the National Cyber ​​Security Center (NCSC) in a …

NCSC: logging in with password is the most insecure form of authentication Read More »

malware

Homeland Security bug bounty program yields 122 vulnerabilities

The first bug bounty program organized by the US Department of Homeland Security has revealed a total of 122 vulnerabilities, 27 of which have been labeled critical. Last December, Homeland Security launched the “Hack DHS” program. The program consists of three phases. First, a model was developed that other government agencies can also use to …

Homeland Security bug bounty program yields 122 vulnerabilities Read More »