A newly disclosed Windows zero-day, dubbed RedSun, is the latest reminder that attackers do not need to break in if they can simply escalate. Discussed in Episode 367 of The 443 podcast, this vulnerability highlights how trusted system processes can be manipulated to gain full system-level access…
The cybersecurity landscape is shifting quickly. In Episode 361 of The443 Podcast, Marc Laliberte and Corey Nachreiner discuss three emerging issues shaping modern security: A critical authentication bypass in a popular JSON Web Token (JWT) library An autonomous AI bot exploiting GitHub repositories…
The past 18 months have been shaped by a surge in brute-force attacks and critical vulnerabilities (CVEs) targeting VPNs, authentication services, privilege elevation, and denial of service across the network security landscape. This timeline outlines key advisories and CVEs beginning with Cisco…
First it was Marks & Spencer. Then the Co-op and Harrods. Now the UK’s biggest carmaker, Jaguar Land Rover, has been hit by a cyber incident that has knocked out production lines and disrupted sales right at one of the busiest times of the year. It feels like these attacks are no longer isolated…
While the world was captivated by the first Harry Potter movie, cybercriminals were busy launching one of the first major web server worms. What Was Happening in the World: The 9/11 attacks in the United States profoundly shifted global security policies, increasing focus on cybersecurity and…