Latest Cybersecurity News and Articles
26 August 2024
A sophisticated Linux malware called 'sedexp' has been flying under the radar since 2022, utilizing a unique persistence technique not yet recognized by the MITRE ATT&CK framework.
26 August 2024
GenAI security measures are easily compromised, with 95% of experts expressing low confidence in their security. Attack methods specific to GenAI make it easy for anyone to manipulate applications, gain unauthorized access, and steal data.
26 August 2024
A memory-only dropper decrypts and executes a PowerShell-based downloader known as PEAKLIGHT, allowing for the distribution of malware such as Lumma Stealer, Hijack Loader, and CryptBot.
26 August 2024
Cybersecurity researchers are warning about the security risks in the machine learning (ML) software supply chain following the discovery of more than 20 vulnerabilities that could be exploited to target MLOps platforms.
These vulnerabilities, which are described as inherent- and implementation-based flaws, could have severe consequences, ranging from arbitrary code execution to loading
26 August 2024
Nowadays, sensitive and critical data is traveling in everyday business channels that offer only the basic level of security and encryption, and companies are often oblivious to the risk. A case in point: Disney suffered a devastating data leak by a hacktivist group known as NullBulge that got hold of over 1.2 terabytes of data from Disney's internal Slack messaging channels. The breach exposed
26 August 2024
The Kremlin attributed the widespread website disruptions in Russia to a DDoS attack, but digital experts disagree, stating that it is unlikely to target all 2,000 Russian telecom operators simultaneously.
26 August 2024
Researchers recently warned that Ecovacs vacuum and lawn mower robots could be hacked to spy on their owners, with one flaw that allows attackers to take over devices' cameras and microphones via Bluetooth.
26 August 2024
YouTube has launched an AI tool to help users recover hacked accounts more easily. The AI chatbot called "support assistant" will guide users through the process of securing their login and recovering their account.
26 August 2024
Meta Platforms revealed an Iranian hacker group targeting global political figures on WhatsApp. The Iranian state-sponsored threat actor APT42 used WhatsApp accounts to target individuals in Israel, Palestine, Iran, the U.K., and the U.S.
26 August 2024
The C-suite's lack of engagement in cybersecurity poses a significant risk despite the growing threat landscape. Organizations need to prioritize cyber-risk management to prevent financial losses and damage to their reputation.
26 August 2024
The vulnerability, CVE-2024-39717, allows administrators to upload a malicious file disguised as a PNG image through the "Change Favicon" feature in Versa Director's GUI.
26 August 2024
As per GetApp's 2024 Executive Cybersecurity Report, 72% of cybersecurity professionals in the US have reported attacks on senior executives in the past 18 months, with AI-generated deepfakes playing a role in 27% of these incidents.
26 August 2024
SolarWinds has fixed another critical bug in Web Help Desk, known as CVE-2024-28987. This flaw involves hardcoded credentials that can be exploited by remote unauthenticated users to access internal functions and alter data.
26 August 2024
Equiniti Trust Company, a financial services company, has been fined $850,000 by the Securities and Exchange Commission for failing to protect customer assets in two separate cyberattacks that resulted in the theft of over $6.6 million.
26 August 2024
Gartner's 2024 Hype Cycle for Emerging Technologies highlights autonomous AI, developer productivity, total experience, and human-centric security and privacy programs as the key technology trends to look out for.
26 August 2024
Two security vulnerabilities have been disclosed in the open-source Traccar GPS tracking system that could be potentially exploited by unauthenticated attackers to achieve remote code execution under certain circumstances.
Both the vulnerabilities are path traversal flaws and could be weaponized if guest registration is enabled, which is the default configuration for Traccar 5, Horizon3.ai
26 August 2024
Cybercriminals are continuously evolving their tactics, emphasizing the need for organizations to have continuous monitoring to detect suspicious activities, according to a report by Malwarebytes.
26 August 2024
The increasing connectivity of airplanes to data networks has prompted regulators to consider cybersecurity threats from various sources, including maintenance laptops, airport networks, wireless sensors, and satellite communications.
26 August 2024
Cybersecurity researchers have uncovered new Android malware that can relay victims' contactless payment data from physical credit and debit cards to an attacker-controlled device with the goal of conducting fraudulent operations.
The Slovak cybersecurity company is tracking the novel malware as NGate, stating it observed the crimeware campaign targeting three banks in Czechia.
The malware "has
25 August 2024
Pavel Durov, founder and chief executive of the popular messaging app Telegram, was arrested in France on Saturday, according to French television network TF1.
Durov is believed to have been apprehended pursuant to a warrant issued in connection with a preliminary police investigation.
TF1 said the probe was focused on a lack of content moderation on the instant messaging service, which the