Novel Exploit Chain Enables Windows UAC Bypass Adversaries can exploit CVE-2024-6769 to jump from regular to admin access without triggering UAC, but Microsoft says it's not really a vulnerability.
FERC Outlines Supply Chain Security Rules for Power Plants The US Federal Energy Regulatory Commission spelled out what electric utilities should do to protect their software supply chains, as well as their network "trust zones."
LATEST FROM DR TECHNOLOGY
Reachability Analysis Pares Down Static Security-Testing Overload For development teams awash in vulnerability reports, reachability analysis can help tame the chaos and offer another path to prioritize exploitable issues.
Meet UNC1860: Iran's Low-Key Access Broker for State Hackers The group has used more than 30 custom tools to target high-value government and telecommunications organizations on behalf of Iranian intelligence services, researchers say.