98Articles
9Categories
2024-10-02Date
🚨 CISA KEV 1[−]
2 Oct KEVCISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its  Known Exploited Vulnerabilities Catalog , based on evidence of active exploitation. CVE-2024-29824 Ivanti Endpoint Manager (EPM) SQL Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious …CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES 4[−]
2 OctResearchers Sound Alarm on Active Attacks Exploiting Critical Zimbra Postjournal FlawCybersecurity researchers are warning about active exploitation attempts targeting a newly disclosed security flaw in Synacor's Zimbra Collaboration. Enterprise security firm Proofpoint said it began observing the activity starting September 28, 2024. The attacks seek to exploit …THEHACKERNEWS.COM
2 OctNew Bluetooth Vulnerability Leak, Your Passcode to Hackers During PairingA recently discovered vulnerability in Bluetooth technology has raised significant security concerns. This flaw could allow hackers to intercept passcodes during the device pairing process, affecting a wide range of Bluetooth devices and potentially having far-reaching implicatio…GBHACKERS.COM
2 Oct14 underrated pentesting tools to round out your red team arsenalThe right tool can make or break a pentest or red team exercise. While many of the tools in Kali are tried and true, they are not always the best fit for every scenario. It is crucial to know where to turn for different needs, ensuring you’re adequately equipped to meet a variety…CSOONLINE.COM
2 OctAlert: Adobe Commerce and Magento Stores Under Attack from CosmicSting ExploitCybersecurity researchers have disclosed that 5% of all Adobe Commerce and Magento stores have been hacked by malicious actors by exploiting a security vulnerability dubbed CosmicSting. Tracked as CVE-2024-34102 (CVSS score: 9.8), the critical flaw relates to an improper restrict…THEHACKERNEWS.COM
⚠️ VULNERABILITY DISCLOSURE 26[−]
2 OctFCC orders T-Mobile to deliver zero trust and better MFAT-Mobile must complete the move to zero trust and improve authentication, along with implementing better data minimization and improving asset inventory, said a US Federal Communications Commission (FCC) consent decree that the commission published on Monday. The settlement stems…CSOONLINE.COM
2 OctZimbra RCE Vuln Under Attack Needs Immediate PatchingAttackers are actively targeting a severe remote code execution vulnerability that Zimbra recently disclosed in its SMTP server, heightening the urgency for affected organizations to patch vulnerable instances right away.DARKREADING.COM
2 OctRansomware explained: How it works and how to remove itWhat is ransomware? Ransomware is a form of malware that encrypts or blocks access to a victim’s files, data, or systems until a ransom is paid. When under such an attack, users are shown instructions for how to pay a fee to get the decryption key. The costs for enterprises hit w…CSOONLINE.COM
2 OctPolitical Manipulation with Massive AI Model-driven Misinformation and MicrotargetingIn today’s digitally connected world, political messaging and misinformation are becoming increasingly sophisticated. Political campaigns and misinformation efforts, particularly those that are well-funded, have significant societal impacts. These campaigns have historicall…SOPHOS.COM
2 Oct KEVCritical Zimbra Vulnerability Exploited One Day After PoC ReleaseA critical-severity vulnerability in Zimbra has been exploited in the wild to deploy a web shell on vulnerable servers. The post Critical Zimbra Vulnerability Exploited One Day After PoC Release appeared first on SecurityWeek .SECURITYWEEK.COM
2 OctLockbit dismantling progressesPolice authorities from 12 countries have carried out another concerted action as part of “Operation Cronos.” Mission-critical servers for the Lockbit infrastructure were shut down and four suspects said to be connected to the cybercriminals were arrested, Europol said in a news …CSOONLINE.COM
2 OctNew Bluetooth Vulnerability Leak, Your Passcode to Hackers During Pairingsubmitted by kid to cybersecurity 1 points | 0 comments https://gbhackers.com/new-bluetooth-vulnerability/SH.ITJUST.WORKS
2 OctCritical Zimbra Vulnerability Exploited One Day After PoC Releasesubmitted by kid to cybersecurity 1 points | 0 comments https://www.securityweek.com/critical-zimbra-vulnerability-exploited-one-day-after-poc-release/SH.ITJUST.WORKS
2 Oct KEVCritical Zimbra RCE flaw actively exploited to take over serversHackers are actively exploiting a recently disclosed RCE vulnerability in Zimbra email servers that can be triggered simply by sending specially crafted emails to the SMTP server. [...]BLEEPINGCOMPUTER.COM
2 OctDrayTek fixed critical flaws in over 700,000 exposed routersDrayTek has released security updates for multiple router models to address 14 vulnerabilities of varying severity, including a remote code execution flaw that received the maximum CVSS score of 10. [...]BLEEPINGCOMPUTER.COM
2 OctAlert: Over 700,000 DrayTek Routers Exposed to Hacking via 14 New VulnerabilitiesA little over a dozen new security vulnerabilities have been discovered in residential and enterprise routers manufactured by DrayTek that could be exploited to take over susceptible devices. "These vulnerabilities could enable attackers to take control of a router by injecting m…THEHACKERNEWS.COM
2 OctCritical Zimbra RCE flaw exploited to backdoor servers using emailsHackers are actively exploiting a recently disclosed RCE vulnerability in Zimbra email servers that can be triggered simply by sending specially crafted emails to the SMTP server. [...]BLEEPINGCOMPUTER.COM
2 OctCISA: Network switch RCE flaw impacts critical infrastructureU.S. cybersecurity agency CISA is warning about two critical vulnerabilities that allow authentication bypass and remote code execution in Optigo Networks ONS-S8 Aggregation Switch products used in critical infrastructure. [...]BLEEPINGCOMPUTER.COM
2 OctNew Bluetooth Vulnerability Leak, Your Passcode to Hackers During Pairingsubmitted by IllNess to securitynews 1 points | 0 comments https://gbhackers.com/new-bluetooth-vulnerability/INFOSEC.PUB
2 OctQuestioning security of hardware security keyssubmitted by beirdobaggins to cybersecurity 1 points | 0 comments I have a question about hardware security keys. Like a yubikey. I have not actually used one before so maybe I am missing some critical information. Aren’t they inherently less secure than a TOTP code? If someone (…SH.ITJUST.WORKS
2 OctCloudflare reports thwarting the largest-ever publicly disclosed DDoS attackContent distribution network Cloudflare has reported mitigating the largest distributed denial-of-service (DDoS) attack seen to date. The attack by unknown perpetrators, observed in September, was part of a bigger campaign of more than 100 attacks that constantly exceeded three t…CSOONLINE.COM
2 OctHow Are We Going to Fill 4.8 Million Cybersecurity Jobs?CISO Jon France on Talent Shortage, Skills Gap in ISC2's 2024 Workforce Study ISC2’s 2024 Cybersecurity Workforce Study warns of a stagnant workforce, a growing skills gap and a shortage of 4.8 million cybersecurity professionals worldwide. Despite increasing demand, many organiz…DATABREACHTODAY.CO.UK
2 OctZero-Day Breach at Rackspace Sparks Vendor Blame GameA breach at Rackspace exposes the fragility of the software supply chain, triggering a blame game among vendors over an exploited zero-day. The post Zero-Day Breach at Rackspace Sparks Vendor Blame Game appeared first on SecurityWeek .SECURITYWEEK.COM
2 OctMore Car Hacks, CUPS Vulns, Microsoft's SFI, Memory Safety, Password Complexity - ASW #301More remote car control via web interfaces, an RCE in CUPS, Microsoft reduces attack surface, migrating to memory safety, dealing with dependency confusion, getting rid of password strength calculators, and more! Visit https://www.securityweekly.com/asw for all the latest episode…YOUTUBE.COM
2 OctCybercrime is Still Evil Incorporated, But Disruptions HelpNaming and Sanctioning Cybercrime Syndicate Members Has Repercussions, Police Say Western law enforcement may not be able to bust every last Russian cybercrime suspect, but newly revealed efforts against Evil Corp and LockBit reveal suspects arrested while on vacation, as well as…DATABREACHTODAY.CO.UK
2 Oct KEVCritical Ivanti RCE flaw with public exploit now used in attacksCISA warned today that a critical Ivanti vulnerability that can let threat actors gain remote code execution on vulnerable Endpoint Manager (EPM) appliances is now actively exploited in attacks. [...]BLEEPINGCOMPUTER.COM
2 OctHawaii Clinic Notifies 124,000 of Hack Credited to LockbitData Leak Preceded Law Enforcement Crackdown on Group That Targets Health Sector A clinic in Hawaii is notifying 124,000 patients that their health data was potentially compromised in a May hack. Lockbit 3.0 claims to have published the stolen records on its data leak site in Jun…DATABREACHTODAY.CO.UK
2 OctGlobal Governments Release New Ransomware Response GuidanceCounter Ransomware Group Focuses on Timely Reporting, Avoiding Paying the Ransom New voluntary ransomware guidance released during the International Counter Ransomware Initiative meeting this week calls for victims to report attacks to law enforcement on a more timely basis - and…DATABREACHTODAY.CO.UK
2 OctSmashing Security podcast #387: Breaches in your genes, and Kaspersky switcheroo raises a red flagFrom family tree to jail cell? A hacker is alleged to have exploited information on genealogy websites to steal millions from public companies. Meanwhile, Kaspersky's US customers are wondering - what on earth is UltraAV? All this and more is discussed in the latest edition of th…GRAHAMCLULEY.COM
2 OctUK ICO Fines Police Service Northern Ireland 750,000 PoundsA 2023 Breach Exposed Personal Details of All PSNI Officers and Staff The U.K. data regulator the Police Service for Northern Ireland 750,000 pounds following a 2023 data breach that exposed personal details of the entire workforce. The U.K. Information Commissioner's Office dete…DATABREACHTODAY.CO.UK
📋 SECURITY BULLETINS 2[−]
2 OctPatch Tuesday early release has huge issues: Cyber Security Today for Wednesday, October 2, 2024Cybersecurity News: Microsoft Patch Issues, Chrome Vulnerabilities, and T-Mobile Settlement In this episode of Cybersecurity Today, Jim Love discusses several pressing issues in the tech world. Early feedback on Microsoft's Windows 11 October Patch Tuesday update reveals signific…CYBERSECURITYTODAY.LIBSYN.COM
2 OctAddressing Git Vulnerabilities in Ubuntu 18.04 and 16.04Canonical has released security updates for Ubuntu 16.04 ESM and Ubuntu 18.04 ESM to address multiple vulnerabilities in Git, a powerful and widely-used distributed version control system.SECURITYBOULEVARD.COM
📢 SECURITY ADVISORIES 9[−]
2 OctThe U.K.'s NCSC and U.S. FBI Warn of Iranian Spear-Phishing AttacksThe U.K.’s National Cyber Security Centre (NCSC) and the U.S. FBI have released an advisory warning of Iranian state-sponsored spear-phishing attacks targeting “individuals with a nexus to Iranian and Middle Eastern affairs, such as current or former senior government officials, …KNOWBE4.COM
🔥 INCIDENT REPORTING 15[−]
2 OctEvil Corp hit with new sanctions, BitPaymer ransomware chargesThe Evil Corp cybercrime syndicate has been hit with new sanctions by the United States, United Kingdom, and Australia. The US also indicted one of its members for conducting BitPaymer ransomware attacks.BLEEPINGCOMPUTER.COM
2 OctCommunity Clinic of Maui says 123,000 affected by May cyberattackThe clinic said the hackers had access to personal data between May 4 and May 7, stealing information including Social Security numbers, passport numbers, financial account numbers with CVV numbers and expiration dates.THERECORD.MEDIA
2 OctAndariel Hacking Group Shifts Focus to Financial Attacks on U.S. OrganizationsThree different organizations in the U.S. were targeted in August 2024 by a North Korean state-sponsored threat actor called Andariel as part of a likely financially motivated attack. "While the attackers didn't succeed in deploying ransomware on the networks of any of the organi…THEHACKERNEWS.COM
2 OctMicrosoft Alert: New INC Ransomware Targets US HealthcareAs per a recent Microsoft alert, a threat actor with malicious financial motives has been observed leveraging a new INC ransomware strain to target the health sector in the United States (US).SECURITYBOULEVARD.COM
2 OctNews agency AFP notifies French authorities of potential data breachThe Paris-based news giant said it notified French regulators of a potential data breach following a recent cyberattack. © 2024 TechCrunch. All rights reserved. For personal use only.TECHCRUNCH.COM
2 OctChina-Linked CeranaKeeper Targeting Southeast Asia with Data ExfiltrationA previously undocumented threat actor called CeranaKeeper has been linked to a string of data exfiltration attacks targeting Southeast Asia. Slovak cybersecurity firm ESET, which observed campaigns targeting governmental institutions in Thailand starting in 2023, attributed the …THEHACKERNEWS.COM
2 OctThe Top 5 Largest Scale Intrusions in 2023Unit 42 Incident Response Report analyzed thousands of incidents, revealing the top 5 large-scale intrusions, what tools and vulnerabilities they focus on. The post The Top 5 Largest Scale Intrusions in 2023 appeared first on Palo Alto Networks Blog .PALOALTONETWORKS.COM
2 OctFake browser updates spread updated WarmCookie malwareA new 'FakeUpdate' campaign targeting users in France leverages compromised websites to show fake browser and application updates that spread a new version of the WarmCookie malware. [...]BLEEPINGCOMPUTER.COM
2 OctManufacturers Rank as Ransomware's Biggest Targetsubmitted by kid to cybersecurity 1 points | 0 comments https://www.darkreading.com/vulnerabilities-threats/manufacturers-ransomwares-biggest-targetSH.ITJUST.WORKS
2 OctDick’s Sporting Goods Cyber Attack Underscores Importance of Email Security and Internal ControlsThe recent cyber attack on Dick's Sporting Goods makes it clear that email played a critical role and emphasizes the need for better security controls.KNOWBE4.COM
2 OctHow to protect schools from cyberthreats | Kaspersky official blogEducational institutions are often the target of cyberattacks — with very serious consequences. Here’s how to keep schools and students safe.KASPERSKY.COM
2 OctSeparating the bee from the panda: CeranaKeeper making a beeline for ThailandESET Research details the tools and activities of a new China-aligned threat actor, CeranaKeeper, focusing on massive data exfiltration in Southeast AsiaWELIVESECURITY.COM
🕵️ THREAT INTELLIGENCE 24[−]
2 OctISC Stormcast For Wednesday, October 2nd, 2024 https://isc.sans.edu/podcastdetail/9162, (Wed, Oct 2nd)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
2 OctAI-Powered Rhadamanthys Stealer Targets Crypto Wallets with Image RecognitionThe threat actors behind the Rhadamanthys information stealer have added new advanced features to the malware, including using AI for optical character recognition (OCR) as part of what's called "Seed Phrase Image Recognition.THEHACKERNEWS.COM
2 OctGhostStrike – A Cyber Security Tool for Red Team to Evade DetectionThe need for advanced tools that can effectively simulate real-world threats is paramount. Enter GhostStrike, a sophisticated cybersecurity tool explicitly designed for Red Team operations. With its array of features aimed at evading detection and performing process hollowing on …GBHACKERS.COM
2 OctCalifornia AI Safety Bill VetoedGovernor Newsom has vetoed the state’s AI safety bill. I have mixed feelings about the bill . There’s a lot to like about it, and I want governments to regulate in this space. But, for now, it’s all EU . (Related, the Council of Europe treaty on AI is ready for …SCHNEIER.COM
2 OctThe fix for BGP’s weaknesses – RPKI – has issues of its ownsubmitted by kid to cybersecurity 1 points | 0 comments https://www.theregister.com/2024/10/02/rpki_immaturity_study/SH.ITJUST.WORKS
2 OctCryptocurrency Wallets Targeted via Python Packages Uploaded to PyPIMultiple Python packages referencing dependencies containing cryptocurrency-stealing code were published to PyPI. The post Cryptocurrency Wallets Targeted via Python Packages Uploaded to PyPI appeared first on SecurityWeek .SECURITYWEEK.COM
2 OctHarmonic Raises $17.5M to Defend Against AI Data HarvestingHarmonic has raised a total of $26 million to develop a new approach to data protection using pre-trained, specialized language models. The post Harmonic Raises $17.5M to Defend Against AI Data Harvesting appeared first on SecurityWeek .SECURITYWEEK.COM
2 OctRecord-Breaking DDoS Attack Peaked at 3.8 Tbps, 2.14 Billion PpsCloudflare recently mitigated another record-breaking DDoS attack, peaking at 3.8 Tbps and 2.14 billion Pps. The post Record-Breaking DDoS Attack Peaked at 3.8 Tbps, 2.14 Billion Pps appeared first on SecurityWeek .SECURITYWEEK.COM
2 OctAfter Code Execution, Researchers Show How CUPS Can Be Abused for DDoS AttacksOver 58,000 internet-exposed CUPS hosts can be abused for significant DDoS attacks, according to Akamai. The post After Code Execution, Researchers Show How CUPS Can Be Abused for DDoS Attacks appeared first on SecurityWeek .SECURITYWEEK.COM
2 OctWhat are You Working on Wednesdaysubmitted by shellsharks to cybersecurity 2 points | 0 comments Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.INFOSEC.PUB
2 OctCybersecurity Awareness Month: Cybersecurity awareness for developersIt’s the 21st annual Cybersecurity Awareness Month, and we’re covering many different angles to help organizations manage their cybersecurity challenges. In this mini-series of articles, we’re focusing on specific job roles outside of cybersecurity and how their…SECURITYINTELLIGENCE.COM
2 OctMITRE Adds Mitigations to EMB3D Threat ModelMITRE has expanded the EMB3D Threat Model with essential mitigations to help organizations address threats to embedded devices. The post MITRE Adds Mitigations to EMB3D Threat Model appeared first on SecurityWeek .SECURITYWEEK.COM
2 OctUS, Allies Release Guidance on Securing OT EnvironmentsNew guidance provides information on how to create and maintain a secure operational technology (OT) environment. The post US, Allies Release Guidance on Securing OT Environments appeared first on SecurityWeek .SECURITYWEEK.COM
2 OctMario Duarte, Former Snowflake Cybersecurity Leader, Joins Aembit as CISO to Tackle Non-Human IdentitiesAembit, the non-human IAM company, today announced the appointment of Mario Duarte as chief information security officer (CISO). Duarte, formerly head of security at Snowflake, joins Aembit with a deep commitment to address pressing gaps in non-human identity security. Duarte’s j…GBHACKERS.COM
2 OctNews alert: Aembit appoints former Snowflake security director Mario Duarte as its new CISOSilver Spring, MD, Oct. 2, 2024, CyberNewswire — Aembit , the non-human IAM company, today announced the appointment of Mario Duarte as chief information security officer (CISO). Duarte, formerly head of security at Snowflake, joins Aembit with a deep commitment … (mo…LASTWATCHDOG.COM
2 OctLLMs hallucinating non-existent developer packages could fuel supply chain attacksLarge Language Models (LLMs) have a serious “package hallucination” problem that could lead to a wave of maliciously-coded packages in the supply chain, researchers have discovered in one of the largest and most in-depth ever studies to investigate the problem. It’s so bad, in fa…INFOWORLD.COM
2 OctWarnings Mount Over Fake North Korean IT WorkersGerman Domestic Intelligence Agency Says German Companies Have Fallen For Scam The German federal domestic intelligence agency is adding to warnings over North Korean IT workers obtaining remote work in Western tech companies. The world's most secretive and repressive regime look…DATABREACHTODAY.CO.UK
2 OctAmazon CISO Amy Herzog on Embedding Security in Ring, AlexaHow Amazon Accelerates Product Development While Securing Customer Data Amy Herzog, chief information security officer for Ads and Devices at Amazon, shares how her cybersecurity team accelerates product development by integrating security from the start to secure customer data o…DATABREACHTODAY.CO.UK
2 OctFrom Desire Paths to Security Highways: Lessons from Disney's Approach to User-Centric DesignWhen Walt Disney first unveiled the Magic Kingdom, he made a decision that would revolutionize theme park design - and inadvertently offer a valuable lesson for cybersecurity professionals.KNOWBE4.COM
2 OctSecurity related Docker containers, (Wed, Oct 2nd)Over the last 9 months or so, I&#;x26;#;39;ve been putting together some docker containers that I find useful in my day-to-day malware analysis and forensicating. I have been putting them up on hub.docker.com and decided, I might as well let others kno…ISC.SANS.EDU
2 OctOpenAI's New Model is Berry Good at DeceptionStrawberry Can Also Assist with Making Weapons that Wipe Out Humans OpenAI claims its new artificial intelligence model, designed to "think" and "reason," can solve linguistic and logical problems that stump existing models. Officially called o1, the model nicknamed Strawberry ca…DATABREACHTODAY.CO.UK
2 OctFIN7 hackers launch deepfake nude “generator” sites to spread malwareThe notorious APT hacking group known as FIN7 launched a network of fake AI-powered deepnude generator sites to infect visitors with information-stealing malware. [...]BLEEPINGCOMPUTER.COM
2 OctOpenAI Valuation Nearly Doubles to $157B After $6.6B FundingThrive Capital, Microsoft, SoftBank, Nvidia Reportedly Lead OpenAI's Latest Funding OpenAI’s new $6.6 billion round of funding has nearly doubled its valuation to $157 billion. With investments from Thrive Capital, Microsoft, SoftBank and Nvidia, OpenAI plans to expand its AI res…DATABREACHTODAY.CO.UK
2 OctUS DOJ Unveils New Strategic Approach to Counter CybercrimeJustice Department Releases Cybercrime Plan, Focusing on Global Partnerships The United States Justice Department is coordinating its cybercrime defense mission under a new strategic approach released Wednesday that aims to enhance the collection of electronic evidence, bolster i…DATABREACHTODAY.CO.UK
🌐 CYBER THREAT LANDSCAPE 3[−]
2 OctNew PyPI Malware Poses as Crypto Wallet Tools to Steal Private KeysCheckmarx researchers discovered PyPI malware posing as crypto wallet tools. These malicious packages stole private keys and recovery phrases, targeting wallets like Metamask, Trust Wallet, and Exodus.HACKREAD.COM
2 Oct5 Must-Have Tools for Effective Dynamic Malware AnalysisDynamic malware analysis is a key part of any threat investigation. It involves executing a sample of a malicious program in the isolated environment of a malware sandbox to monitor its behavior and gather actionable indicators. Effective analysis must be fast, in-depth, and prec…THEHACKERNEWS.COM
2 OctFake Job Applications Deliver Dangerous More_eggs Malware to HR ProfessionalsA spear-phishing email campaign has been observed targeting recruiters with a JavaScript backdoor called More_eggs, indicating persistent efforts to single out the sector under the guise of fake job applicant lures. "A sophisticated spear-phishing lure tricked a recruitment offic…THEHACKERNEWS.COM
📡 INFOSEC NEWS 14[−]
2 OctCrook made millions by breaking into execs’ Office365 inboxes, feds sayFederal prosecutors have charged a man for an alleged “hack-to-trade” scheme that earned him millions of dollars by breaking into the Office365 accounts of executives at publicly traded companies.ARSTECHNICA.COM
2 OctCyble Researchers Uncover Sophisticated Attack Using VSCode for Remote AccessCyble researchers have uncovered a sophisticated campaign that starts with a suspicious .LNK file and uses VSCode to establish persistence and remote access – and installs the VSCode CLI if VSCode isn’t found on the victim machine.THECYBEREXPRESS.COM
2 OctIran-linked Threat Group Handala Actively Targets IsraelHandala's most serious claims are unverified, but the Iranian threat group's actions have led to numerous account suspensions and website shutdowns due to its persistent activities.THECYBEREXPRESS.COM
2 OctPyPI Repository Found Hosting Fake Crypto Wallet Recovery Tools That Steal User DataA new set of malicious packages has been unearthed in the Python Package Index (PyPI) repository that masqueraded as cryptocurrency wallet recovery and management services, only to siphon sensitive data and facilitate the theft of valuable digital assets. "The attack targeted use…THEHACKERNEWS.COM
2 OctMicrosoft warns of Windows 11 24H2 gaming performance issuesMicrosoft is working to fix several known issues behind Asphalt 8 game crashes and Easy Anti-Cheat blue screens on some Windows 24H2 systems. [...]BLEEPINGCOMPUTER.COM
2 OctMicrosoft blocks Windows 11 24H2 on some Intel PCs over BSOD issues​Microsoft is blocking Windows 24H2 upgrades on systems with incompatible Intel Smart Sound Technology (SST) audio drivers due to blue screen of death (BSOD) issues. [...]BLEEPINGCOMPUTER.COM
2 OctSophos Firewall v21: Streamlined managementHow to make the most of the new features in Sophos Firewall v21.SOPHOS.COM
2 OctMicrosoft Office 2024 now available for Windows and macOS usersMicrosoft has released Office 2024 for small businesses and consumers who want a standalone version without a Microsoft 365 subscription. [...]BLEEPINGCOMPUTER.COM
2 OctCybersecurity Awareness Month: A timely reminder to review your security postureExplore four pressing cybersecurity challenges organizations face in 2024 and how to overcoming themSOPHOS.COM
2 OctFake Trading Apps Target Victims Globally via Apple App Store and Google PlayA large-scale fraud campaign leveraged fake trading apps published on the Apple App Store and Google Play Store, as well as phishing sites, to defraud victims, per findings from Group-IB. The campaign is part of a consumer investment fraud scheme that's also widely known as pig b…THEHACKERNEWS.COM
2 OctSnake Oilers: Sandfly Security, Permiso and WizIn this edition of Snake Oilers we hear pitches from three security vendors: Sandfly Security: An agentless Linux security platform that actually sounds very cool Permiso: An identity security platform founded by ex FireEye folks Wiz: The cloud security giant is getting in on cod…RISKY.BIZ