VicOne and Zero Day Initiative (ZDI) to Lead Pwn2Own Automotive
Post Content
Post Content
Related
Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants
A critical token validation failure in Microsoft Entra ID (previously Azure Active Directory) could have allowed attackers to impersonate any user, including Global Administrators, across any tenant. The vulnerability, tracked as CVE-2025-55241, has been assigned the maximum CVSS score of 10.0. It has been described by Microsoft as a privilege escalation flaw in Azure Entra….
Scammers Spread False Support Info Using Legitimate Websites
In a new wrinkle on the tech support scam front, these search parameter injection attacks dupe victims into believing they are receiving technical help when they are actually speaking to fraudsters.
Preinstalled Apps on Ulefone, Krüger&Matz Phones Let Any App Reset Device, Steal PIN
Three security vulnerabilities have been disclosed in preloaded Android applications on smartphones from Ulefone and Krüger&Matz that could enable any app installed on the device to perform a factory reset and encrypt an application. A brief description of the three flaws is as follows – CVE-2024-13915 (CVSS score: 6.9) – A pre-installed “com.pri.factorytest” application on…
Mentorship and Diversity: Shaping the Next Generation of Cyber Experts
Patricia Voight, CISO at Webster Bank, shares her expertise on advancing cybersecurity careers, combating financial crimes, and championing diversity in a rapidly changing industry.
Navigating Privacy and Cybersecurity Laws in 2026 Will Prove Difficult
No matter what new laws or regulations make the cut for 2026, it’s clear that compliance challenges will persist and federal legislation will be limited.
Karl Triebes Joins Ivanti as Chief Product Officer
Post Content