MATLOCK.CA
101Articles
9Categories
2024-05-02Date
🚨
CISA Adds GitLab Flaw to its Known Exploited Vulnerabilities CatalogThis flaw allows for an account takeover via Password Reset, enabling attackers to hijack accounts without any interaction. The affected versions range from 16.1 to 16.7, with GitLab releasing patches for versions 16.1.6 to 16.7.2.
KEVSECURITYAFFAIRS.COM — 02 May 2024
🚨
CISA and FBI Release Secure by Design Alert to Urge Manufacturers to Eliminate Directory Traversal VulnerabilitiesToday, CISA and the Federal Bureau of Investigation (FBI) released a joint Secure by Design Alert, Eliminating Directory Traversal Vulnerabilities in Software . This Alert was crafted in response to recent well-publicized threat actor campaigns that exploited directory traversal …
KEVCISA.GOV — Thu, 02 May 24 1
🐛
CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability
KEVTHEHACKERNEWS.COM — 02 May 2024
🐛
New "Goldoon" Botnet Targets D-Link Routers With Decade-Old Flaw
THEHACKERNEWS.COM — 02 May 2024
🐛
New Goldoon Botnet Targeting D-Link Devices Using Decade-Old Flaw
FORTINET.COM — 02 May 2024
🐛
ArubaOS Critical Vulnerability Let Attackers Execute Remote Code
GBHACKERS.COM — 02 May 2024
🐛
Scans Probing for LB-Link and Vinga WR-AC1200 routers CVE-2023-24796, (Thu, May 2nd)
ISC.SANS.EDU — 02 May 2024
🐛
Chromium: CVE-2024-4331 Use after free in Picture In Picture
MSRC.MICROSOFT.COM — 02 May 2024
🐛
Chromium: CVE-2024-4368 Use after free in Dawn
MSRC.MICROSOFT.COM — 02 May 2024
⚠️
Panda Restaurant Corporate Systems Hacked: Customer Data Exposed
GBHACKERS.COM — 02 May 2024
⚠️
Biden delivers updated take on security for critical infrastructure
CSOONLINE.COM — 02 May 2024
⚠️
Most interesting products to see at RSAC 2024
CSOONLINE.COM — 02 May 2024
⚠️
RSAC Fireside Chat: How the open-source community hustled to identify LLM vulnerabilities
LASTWATCHDOG.COM — 02 May 2024
⚠️
CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability
THEHACKERNEWS.COM — 2 May 2024
⚠️
UnitedHealth hack may impact a third of US citizens: CEO testimony
CSOONLINE.COM — 02 May 2024
⚠️
Dropbox Sign hack exposed user data, raises security concerns for e-sign industry
CSOONLINE.COM — 02 May 2024
⚠️
When is One Vulnerability Scanner Not Enough?
THEHACKERNEWS.COM — 02 May 2024
⚠️
Dropbox Discloses Breach of Digital Signature Service Affecting All Users
THEHACKERNEWS.COM — 02 May 2024
⚠️
Vulnerability Exploits Triple as Initial Access Point for Breaches
INFOSECURITY-MAGAZINE.COM — 02 May 2024
⚠️
HPE Aruba Networking Fixes Four Critical RCE Flaws in ArubaOS
BLEEPINGCOMPUTER.COM — 02 May 2024
⚠️
1,400 GitLab Servers Impacted by Exploited Vulnerability
SECURITYWEEK.COM — 02 May 2024
⚠️
Iranian hackers harvest credentials through advanced social engineering campaigns
CSOONLINE.COM — 02 May 2024
⚠️
Is it possible to use zero knowledge proofs to verify journalism sources?
INFOSEC.PUB — 2 May 2024
⚠️
1,400 GitLab Servers Impacted By Exploited Vulnerability
PACKETSTORMSECURITY.COM — 02 May 2024
⚠️
Verizon DBIR 2024 Shows Surge in Vulnerability Exploitation, Confirmed Data Breaches
SECURITYWEEK.COM — 02 May 2024
⚠️
VNC Is The Hacker’s New Remote Desktop Tool For Cyber Attacks
GBHACKERS.COM — 02 May 2024
⚠️
Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw
THEHACKERNEWS.COM — 02 May 2024
⚠️
CISA Releases Three Industrial Control Systems Advisories
CISA.GOV — Thu, 02 May 24 1
⚠️
Managed Service Provider Denies Being Source of Breach
DATABREACHTODAY.CO.UK — 2024-05-02
⚠️
EU plan to force messaging apps to scan for CSAM risks millions of false positives, experts warn
TECHCRUNCH.COM — 02 May 2024
⚠️
Police shuts down 12 fraud call centres, arrests 21 suspects
BLEEPINGCOMPUTER.COM — 02 May 2024
⚠️
Bitwarden launches new MFA Authenticator app for iOS, Android
BLEEPINGCOMPUTER.COM — 02 May 2024
⚠️
Breach Roundup: REvil Hacker Gets Nearly 14-Year Sentence
DATABREACHTODAY.CO.UK — 2024-05-02
⚠️
Critical Flaw in R Language Poses Supply Chain Risk
DATABREACHTODAY.CO.UK — 2024-05-02
📋
Attention all Windows Users! The Microsoft April Security Update Could Break Your VPN
GBHACKERS.COM — 02 May 2024
📋
The UK Bans Default Passwords
SCHNEIER.COM — 2024-05-02
📢
Russian Hackers Actively Attacking Small-scale Infrastructure Sectors
GBHACKERS.COM — 02 May 2024
📢
NCSC’s New Mobile Risk Model Aimed at “High-Threat” Firms
INFOSECURITY-MAGAZINE.COM — 02 May 2024
📢
Japan’s Kishida Unveils a Framework for Global Regulation of Generative AI
SECURITYWEEK.COM — 02 May 2024
📢
CISA urges software devs to weed out path traversal vulnerabilities
BLEEPINGCOMPUTER.COM — 02 May 2024
📢
Your Google Account allows you to create passkeys on your phone, computer and security keys
SECURITY.GOOGLEBLOG.COM — 2024-05-02
🔥
Change Healthcare Cyberattack Was Due to a Lack of Multifactor Authentication, UnitedHealth CEO says
SECURITYWEEK.COM — 02 May 2024
🔥
REvil Ransomware Affiliate Sentenced for 13 Years in Prison
GBHACKERS.COM — 02 May 2024
🔥
Dropbox Data Breach Impacts Customer Information
SECURITYWEEK.COM — 02 May 2024
🔥
Threat Actors Attacking MS-SQL Servers to Deploy Ransomware
GBHACKERS.COM — 02 May 2024
🔥
US Warns of Russian Hackers Targeting Operational Technology in Water Systems
NEXTGOV.COM — 02 May 2024
🔥
Dropbox Sees Breach of Legally Binding E-Signature Service
DATABREACHTODAY.CO.UK — 2024-05-02
🔥
AI is Creating a New Generation of Cyberattacks
HELPNETSECURITY.COM — 02 May 2024
🔥
LockBit, Black Basta, Play Dominate Ransomware in Q1 2024
INFOSECURITY-MAGAZINE.COM — 02 May 2024
🔥
2024 Data Breach Investigations Report: Most breaches involve a non-malicious human element
HELPNETSECURITY.COM — 2 May 2024
🔥
Ukrainian REvil Hacker Sentenced to 13 Years and Ordered to Pay $16 Million
THEHACKERNEWS.COM — 02 May 2024
🔥
Hackers Claiming Breach of UAE Government Servers
GBHACKERS.COM — 02 May 2024
🔥
Hackers Compromised Dropbox eSignature Service
PACKETSTORMSECURITY.COM — 02 May 2024
🔥
REvil Ransomware Scum Gets 14 Years, $16 Million Fine
PACKETSTORMSECURITY.COM — 02 May 2024
🔥
REvil hacker behind Kaseya ransomware attack gets 13 years in prison
BLEEPINGCOMPUTER.COM — 02 May 2024
🔥
GoldDigger Malware Using Deep Fake AI Photos To Hijack Bank Accounts
GBHACKERS.COM — 02 May 2024
🔥
Dropbox Sign e-signature service hacked | Kaspersky official blog
KASPERSKY.COM — 02 May 2024
🔥
Ransomware Defense Startup Mimic Raises Hefty $27M Seed Round
SECURITYWEEK.COM — 02 May 2024
🔥
Analysis Shows 2023 to be “Worst Year for Phishing on Record”
KNOWBE4.COM — 02 May 2024
🔥
Rehab Hospital Chain Hack Affects 101,000; Facing 6 Lawsuits
DATABREACHTODAY.CO.UK — 2024-05-02
🕵️
Deepfake of Principal’s Voice Is the Latest Case of AI Being Used for Harm
SECURITYWEEK.COM — 02 May 2024
🕵️
ISC Stormcast For Thursday, May 2nd, 2024 https://isc.sans.edu/podcastdetail/8964, (Thu, May 2nd)
ISC.SANS.EDU — 02 May 2024
🕵️
USB Malware Attacks Targeting Industrial Systems Adapts LOL Tactics
GBHACKERS.COM — 02 May 2024
🕵️
Iranian Hackers Impersonate Journalists in Social Engineering Campaign
CYBERSCOOP.COM — 02 May 2024
🕵️
Digital fraud detection startup BioCatch hits $1.3B valuation as Permira buys majority stake
TECHCRUNCH.COM — 02 May 2024
🕵️
Prisma SASE 3.0 — Securing Work Where It Happens
PALOALTONETWORKS.COM — 02 May 2024
🕵️
The AWS S3 Denial of Wallet Amplification Attack
LIMBUS-MEDTEC.COM — 2 May 2024
🕵️
Russian Hackers Target Industrial Systems in North America, Europe
SECURITYWEEK.COM — 02 May 2024
🕵️
'Cuttlefish' Zero-Click Malware Steals Private Cloud Data
DARKREADING.COM — 2 May 2024
🕵️
News alert: LayerX Security raises $24M Series A funding for its ‘enterprise browser’ security platform
LASTWATCHDOG.COM — 02 May 2024
🕵️
Network Security Firm Corelight Raises $150 Million
SECURITYWEEK.COM — 02 May 2024
🕵️
Cuttlefish 0-click Malware Hijacks Routers & Captures Data
GBHACKERS.COM — 02 May 2024
🕵️
Kicking Off With Crypto - PSW #827
YOUTUBE.COM — 2024-05-02
🕵️
LayerX Security Raises $24M for its Browser Security Platform, Enabling Employees to Work Securely From Any Browser, Anywhere
GBHACKERS.COM — 02 May 2024
🕵️
Building the Right Vendor Ecosystem – a Guide to Making the Most of RSA Conference
SECURITYWEEK.COM — 02 May 2024
🕵️
AI Security Startup Apex Emerges From Stealth With Funding From OpenAI CEO
SECURITYWEEK.COM — 02 May 2024
🕵️
Startup Dealflow: New Investments at Resonance, RunReveal, StepSecurity, Insane Cyber
SECURITYWEEK.COM — 02 May 2024
🕵️
Under the Digital Radar: Defending Against People’s Republic of China’s Nation-State Cyber Threats to America’s Small Businesses
CISA.GOV — Thu, 02 May 24 1
🕵️
Cryptohack Roundup: Geosyn Fraud Lawsuit
DATABREACHTODAY.CO.UK — 2024-05-02
🕵️
Veracode CEO on Mastering Application Security in the AI Era
DATABREACHTODAY.CO.UK — 2024-05-02
🕵️
Is RogerLovesTaco$24 a Strong Password?
KNOWBE4.COM — 02 May 2024
🕵️
Permira Takes Majority Stake in BioCatch at $1.3B Valuation
DATABREACHTODAY.CO.UK — 2024-05-02
🕵️
Experts Say White House Memo Overlooks Space Cyber Risks
DATABREACHTODAY.CO.UK — 2024-05-02
🕵️
Microsoft introduces passkeys for consumer accounts
MICROSOFT.COM — 02 May 2024
🌐
New Cuttlefish Malware Hijacks Router Connections, Sniffs for Cloud Credentials
THEHACKERNEWS.COM — 02 May 2024
🌐
SafeBase Raises $33M in Series B to Accelerate Vision for Friction-Free Security Reviews
FINANCE.YAHOO.COM — 02 May 2024
📡
Corelight Gets $150M to Expand Detection, Improve Workflows
BANKINFOSECURITY.COM — 02 May 2024
📡
How Kaspersky stores passwords | Kaspersky official blog
KASPERSKY.COM — 02 May 2024
📡
Cyber Startup Oasis Secures $35 Million Series A Extension, Doubles Valuation
CALCALISTECH.COM — 02 May 2024
📡
Deepfakes and AI-Driven Disinformation Threaten Polls
TRENDMICRO.COM — 02 May 2024
📡
Cybersecurity consultant arrested after allegedly extorting IT firm
BLEEPINGCOMPUTER.COM — 02 May 2024
📡
Hacker Free-For-All Fights For Control Of Home And Office Routers Everywhere
PACKETSTORMSECURITY.COM — 02 May 2024
📡
Here's Your Chance To Own A Decommissioned US Government Supercomputer
PACKETSTORMSECURITY.COM — 02 May 2024
📡
Microsoft won't fix Windows 0x80070643 errors, manual fix required
BLEEPINGCOMPUTER.COM — 02 May 2024
📡
Finnish Psychotherapy Center Cyber-Blackmailer Gets Six Years
THEREGISTER.COM — 02 May 2024
📡
Hackers Target New NATO Member Sweden with Surge of DDoS Attacks
INFOSECURITY-MAGAZINE.COM — 02 May 2024
📡
Protecting Model Updates in Privacy-Preserving Federated Learning: Part Two
NIST.GOV — 02 May 2024
📡
Google expands passkey support to its Advanced Protection Program ahead of the US presidential election
TECHCRUNCH.COM — 02 May 2024
📡
Microsoft warns of "Dirty Stream" attack impacting Android apps
BLEEPINGCOMPUTER.COM — 02 May 2024
📡
CEO who sold fake Cisco devices to US military gets 6 years in prison
BLEEPINGCOMPUTER.COM — 02 May 2024
📡
Adding insult to injury: crypto recovery scams
WELIVESECURITY.COM — 02 May 2024