93Articles
10Categories
2024-10-24Date
🚨 CISA KEV 1[−]
24 Oct KEVCISA Adds Two Known Exploited Vulnerabilities to CatalogCISA has added two new vulnerabilities to its  Known Exploited Vulnerabilities Catalog , based on evidence of active exploitation. CVE-2024-20481  Cisco ASA and FTD Denial-of-Service Vulnerability CVE-2024-37383  RoundCube Webmail Cross-Site Scripting (XSS) Vulnera…CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES 8[−]
24 OctCisco ASA Devices Vulnerable to SSH Remote Command Injection FlawCisco has issued a critical security advisory regarding a vulnerability in its Adaptive Security Appliance (ASA) Software. The vulnerability could allow remote attackers to execute commands with root-level privileges. The flaw, CVE-2024-20329, affects devices running a vulnerable…GBHACKERS.COM
24 OctFortinet Warns of Critical Vulnerability in FortiManager Under Active ExploitationFortinet has confirmed details of a critical security flaw impacting FortiManager that has come under active exploitation in the wild. Tracked as CVE-2024-47575 (CVSS score: 9.8), the vulnerability is also known as FortiJump and is rooted in the FortiGate to FortiManager (FGFM) p…THEHACKERNEWS.COM
24 OctXerox Printers Vulnerable to Remote Code Execution AttacksMultiple Xerox printer models, including EC80xx, AltaLink, VersaLink, and WorkCentre, have been identified as vulnerable to an authenticated remote code execution (RCE) attack. This vulnerability tracked as CVE-2024-6333, poses a significant risk, fully allowing attackers with ad…GBHACKERS.COM
24 OctGitLab Patches HTML Injection Flaw Leads to XSS AttacksGitLab has announced the release of critical security updates for its Community Edition (CE) and Enterprise Edition (EE). The updates address a high-severity HTML injection vulnerability that could lead to cross-site scripting (XSS) attacks. The patched versions, 17.5.1, 17.4.3, …GBHACKERS.COM
24 Oct KEVCritical Fortinet vulnerability finds zero-day RCE exploitsHackers in the wild are actively exploiting a critical vulnerability in Fortinet’s software management platform FortiManager, the company warned its users on Wednesday. The bug, tracked as CVE-2024-47575, has been assigned a CVSS score of 9.8 out of 10, and is described as a “mis…CSOONLINE.COM
24 OctNew Fortinet Zero-Day Exploited for Months Before PatchA Fortinet zero-day tracked as CVE-2024-47575 and named FortiJump has been exploited since at least June 2024. The post New Fortinet Zero-Day Exploited for Months Before Patch appeared first on SecurityWeek .SECURITYWEEK.COM
24 Oct KEVCisco Issues Urgent Fix for ASA and FTD Software Vulnerability Under Active AttackCisco on Wednesday said it has released updates to address an actively exploited security flaw in its Adaptive Security Appliance (ASA) that could lead to a denial-of-service (DoS) condition. The vulnerability, tracked as CVE-2024-20481 (CVSS score: 5.8), affects the Remote Acces…THEHACKERNEWS.COM
24 OctMandiant says new Fortinet flaw has been exploited since JuneA new Fortinet FortiManager flaw dubbed "FortiJump" and tracked as CVE-2024-47575 has been exploited since June 2024 in zero-day attacks on over 50 servers, according to a new report by Mandiant. [...]BLEEPINGCOMPUTER.COM
⚠️ VULNERABILITY DISCLOSURE 32[−]
24 OctGoogle Patches Multiple Chrome Security VulnerabilitiesGoogle has released several security patches for its Chrome browser, addressing critical vulnerabilities that malicious actors could exploit. The update is now available on the Stable channel, with version 130.0.6723.69/.70 for Windows and Mac and version 130.0.6723.69 for Linux.…GBHACKERS.COM
24 OctDiese Unternehmen hat’s schon erwischtHier finden Sie aktuelle Cyberangriffe auf deutsche Unternehmen. Elena Uve – Shutterstock.com Sie denken, Ihre Sicherheitsmaßnahmen können Sie langfristig vor Cyberangriffen schützen? Oder dass Ihr Unternehmen zu klein und damit uninteressant für Hacker ist? Egal, ob Sie dem Mitt…CSOONLINE.COM
24 OctSamsung Galaxy S24 Hacked at Pwn2Own Ireland 2024Over $350,000 was paid out on day 2 of Pwn2Own Ireland 2024, including $50,000 for an exploit targeting the Samsung Galaxy S24. The post Samsung Galaxy S24 Hacked at Pwn2Own Ireland 2024 appeared first on SecurityWeek .SECURITYWEEK.COM
24 OctCisco Patches Vulnerability Exploited in Large-Scale Brute-Force CampaignCisco has released patches for multiple vulnerabilities in ASA, FMC, and FTD products, including an exploited flaw. The post Cisco Patches Vulnerability Exploited in Large-Scale Brute-Force Campaign appeared first on SecurityWeek .SECURITYWEEK.COM
24 OctNew Scoring System Helps Secure the Open Source AI Model Supply ChainAI models from Hugging Face can contain similar hidden problems to OSS downloads from repositories such as GitHub. The post New Scoring System Helps Secure the Open Source AI Model Supply Chain appeared first on SecurityWeek .SECURITYWEEK.COM
24 OctLazarus Group Exploits Google Chrome Vulnerability to Control Infected DevicesThe North Korean threat actor known as Lazarus Group has been attributed to the zero-day exploitation of a now-patched security flaw in Google Chrome to seize control of infected devices. Cybersecurity vendor Kaspersky said it discovered a novel attack chain in May 2024 that targ…THEHACKERNEWS.COM
24 OctThe ransomware negotiation playbook adds new chaptersWhen an organization is suddenly locked out of its own systems or has sensitive data stolen, it’s not just about losing access — it’s an existential threat to its entire operation. Navigating a ransomware attack requires a cross-departmental response team, including legal counsel…CSOONLINE.COM
24 Oct KEVCritical bug in millions of Samsung Exynos phone processors exploited in the wildsubmitted by BrikoX to cybersecurity 1 points | 0 comments https://www.thestack.technology/critical-bug-in-millions-of-samsung-exynos-phone-processors-exploited-in-the-wild/ Google researchers say use after free vulnerability could allow attackers to escalate privileges on Androi…SH.ITJUST.WORKS
24 OctCritical Fortinet vulnerability finds zero-day RCE exploitssubmitted by BrikoX to cybersecurity 1 points | 0 comments https://www.csoonline.com/article/3586092/critical-fortinet-vulnerability-finds-zero-day-rce-exploits.html Threat actors exploited buggy FortiManager instances to extract the credentials of managed devices.SH.ITJUST.WORKS
24 OctCisco Patches Vulnerability Exploited in Large-Scale Brute-Force Campaignsubmitted by kid to cybersecurity 1 points | 0 comments https://www.securityweek.com/cisco-patches-vulnerability-exploited-in-large-scale-brute-force-campaign/SH.ITJUST.WORKS
24 OctXerox Printers Vulnerable to Remote Code Execution Attackssubmitted by kid to cybersecurity 1 points | 0 comments https://gbhackers.com/xerox-printers-vulnerable/SH.ITJUST.WORKS
24 OctLazarus Group Exploits Chrome Zero-Day in Latest Campaignsubmitted by kid to cybersecurity 1 points | 0 comments https://www.darkreading.com/cyberattacks-data-breaches/lazarus-group-exploits-chrome-zero-day-campaignSH.ITJUST.WORKS
24 OctNorth Korean Hackers Exploited Chrome Zero-Day for Cryptocurrency TheftThe Lazarus APT created a deceptive website that exploited a Chrome zero-day to install malware and steal cryptocurrency. The post North Korean Hackers Exploited Chrome Zero-Day for Cryptocurrency Theft appeared first on SecurityWeek .SECURITYWEEK.COM
24 OctCISA Releases Four Industrial Control Systems AdvisoriesCISA released four Industrial Control Systems (ICS) advisories on October 24, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-298-01 VIMESA VHF/FM Transmitter Blue Plus ICSA-24-298-02 iniNet S…CISA.GOV
24 OctAWS Cloud Development Kit Vulnerability Exposes Users to Potential Account Takeover RisksCybersecurity researchers have disclosed a security flaw impacting Amazon Web Services (AWS) Cloud Development Kit (CDK) that could have resulted in an account takeover under specific circumstances. "The impact of this issue could, in certain scenarios, allow an attacker to gain …THEHACKERNEWS.COM
24 OctSamsung Galaxy S24 and Sonos Era hacked on Pwn2Own Ireland Day 2On the second day of Pwn2Own Ireland 2024, competing white hat hackers showcased an impressive 51 zero-day vulnerabilities, earning a total of $358,625 in cash prizes. [...]BLEEPINGCOMPUTER.COM
24 OctCISA, US, and International Partners Release Joint Guidance to Assist Software Manufacturers with Safe Software Deployment ProcessesToday, CISA—along with U.S. and international partners—released joint guidance, Safe Software Deployment: How Software Manufacturers Can Ensure Reliability for Customers . This guide aids software manufacturers in establishing secure software deployment processes to help ens…CISA.GOV
24 OctCryptohack Roundup: Nigeria Drops Charges on Binance ExecAlso: Indian Hackers Gets 5 Years in Prison for Stealing $20M Every week, ISMG rounds up cybersecurity incidents in digital assets. This week, the Nigerian government dropped charges on Binance executive Tigran Gambaryan, an Indian hacker faces five years in prison for stealing $…DATABREACHTODAY.CO.UK
24 OctCisco Releases Security Bundle for Cisco ASA, FMC, and FTD SoftwareCisco released its October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication to address vulnerabilities in Cisco ASA, FMC, and FTD. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.   …CISA.GOV
24 OctNot The Vulnerabilities You're Looking For - PSW #848This week: The USB Army Knife that won't break the budget, I don't want to say EDR is useless (but there I said it), Paul's list of excellent hacking tips, FortiJump - an RCE that took a while to become public, do malware care if it's on a hypervisor?, MicroPython for fun and not…YOUTUBE.COM
24 OctCisco fixes VPN DoS flaw discovered in password spray attacksCisco fixed a denial of service flaw in its Cisco ASA and Firepower Threat Defense (FTD) software, which was discovered during large-scale brute force attacks against Cisco VPN devices in April. [...]BLEEPINGCOMPUTER.COM
24 OctSophos to acquire rival Secureworks in $859 million dealSecurity provider Sophos has announced it intends to acquire Secureworks for around $859 million. The deal will be settled in cash. Secureworks shareholders will receive $8.50 per share, which represents a 28% premium on the average value of the stock calculated over the past 90 …CSOONLINE.COM
24 OctDevelopment Features Enabled in Prodcution, (Thu, Oct 24th)We do keep seeing attackers "poking around" looking for enabled development features. Developers often use these features and plugins to aid in debugging web applications. But if left behind, they may provide an attacker with inside to the application. In their simplest form, the…ISC.SANS.EDU
24 OctCISOs have to get on top of AI technologies, warns MicrosoftCISOs have to get on top of artificial intelligence technologies to defend their organizations, because threat actors are already using generative AI (genAI) to create malware, better phishing lures and deepfake videos, warns Microsoft. The alert came last week as part of the com…CSOONLINE.COM
24 OctHenry Schein discloses data breach a year after ransomware attackHenry Schein has finally disclosed a data breach following at least two back-to-back cyberattacks in 2023 by the BlackCat Ransomware gang, revealing that over 160,000 people had their personal information stolen. [...]BLEEPINGCOMPUTER.COM
24 OctChromium: CVE -2024-10231 Type Confusion in V8This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.MSRC.MICROSOFT.COM
24 OctChromium: CVE -2024-10230 Type Confusion in V8This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.MSRC.MICROSOFT.COM
24 OctChromium: CVE -2024-10229 Inappropriate implementation in ExtensionsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.MSRC.MICROSOFT.COM
24 OctHackers Probing Newly Disclosed Fortinet Zero DayMandiant Says High-Severity Flaw Could Give Attackers Remote Unauthenticated Access Researchers at Mandiant say a new threat cluster first observed June 27 has been exploiting a Fortinet zero day the network edge device manufacturer publicly disclosed Wednesday. Researchers said …DATABREACHTODAY.CO.UK
24 OctApple creates Private Cloud Compute VM to let researchers find bugsApple created a Virtual Research Environment to allow public access to testing the security of its Private Cloud Compute system, and released the source code for some "key components" to help researchers analyze the privacy and safety features on the architecture. [...]BLEEPINGCOMPUTER.COM
24 OctThree Ways AI Can Hack the U.S. ElectionThe growing capability of AI content poses three very real threats to modern elections. We explain each, and take a glimpse at a possible solution to the growing AIpocalypse.F5.COM
📋 SECURITY BULLETINS 1[−]
24 OctNvidia Patches High-Severity Flaws in Windows, Linux Graphics DriversNvidia rolls out urgent security updates to fix at least 8 high-severity vulnerabilities in GPU drivers for Windows and Linux. The post Nvidia Patches High-Severity Flaws in Windows, Linux Graphics Drivers appeared first on SecurityWeek .SECURITYWEEK.COM
📢 SECURITY ADVISORIES 10[−]
24 OctIranian hackers ramp up influence operations ahead of 2024 US electionAs the 2024 US presidential election approaches, Iranian hackers are stepping up their cyber-influence operations to disrupt the electoral process and undermine voter confidence in the US. Iran-backed groups, particularly the Islamic Revolutionary Guard Corps (IRGC), have been in…CSOONLINE.COM
24 OctWhy Phishing-Resistant MFA Is No Longer Optional: The Hidden Risks of Legacy MFASometimes, it turns out that the answers we struggled so hard to find were sitting right in front of us for so long that we somehow overlooked them. When the Department of Homeland Security, through the Cybersecurity and Infrastructure Security Agency (CISA), in coordination with…THEHACKERNEWS.COM
24 OctRussia says 'unprecedented' cyber attack hits foreign ministry amid BRICS summitsubmitted by kid to cybersecurity 2 points | 0 comments https://www.reuters.com/world/europe/russia-says-unprecedented-cyber-attack-hits-foreign-ministry-amid-brics-summit-2024-10-23/SH.ITJUST.WORKS
24 OctGlobale und regionale Unterschiede in Cyber-StrategienKI und Investitionen in Cyber Security im Vergleich DACH vs. Global Quelle: Shutterstock Shutterstock – Aleksandar Malivuk Cyber Security rückt insbesondere in Deutschland mehr und mehr in den Fokus vieler Firmen. Dies liegt nicht zuletzt an der wachsenden Zahl der Angriffe, sond…CSOONLINE.COM
24 OctBiden Administration Seeks National Security Edge in AIWhite House Officials Worry That China Can Leap From U.S. Capabilities The Biden administration declared artificial intelligence suitable for national security purposes in a Thursday directive providing guidance for AI governance and risk management for use in classified missions…DATABREACHTODAY.CO.UK
24 OctInsurance admin Landmark says data breach impacts 800,000 peopleInsurance administrative services company Landmark Admin warns that a data breach impacts over 800,000 people from a May cyberattack. [...]BLEEPINGCOMPUTER.COM
24 OctBreach Roundup: CISA Proposes Security for Bulk Data SalesAlso: Payment Card Theft Trends, Internet Archive Update This week, bulk data transfers to China, credit card theft, the Internet Archive still recovering and the Change Healthcare tally is now 100M. Ukraine fought phishers, civil society against the UN cybercrime treaty, TA866 a…DATABREACHTODAY.CO.UK
24 OctLinkedIn Fined 310 Million Euros For Privacy ViolationsIrish Data Protection Commission Cites Social Platform for GDPR Violations The Irish Data Protection Commission imposed a 310 million euro fine on LinkedIn for violating a European privacy law stemming from the company's use of customer data. It ordered the social media platform …DATABREACHTODAY.CO.UK
🔥 INCIDENT REPORTING 15[−]
24 OctSEC Fines Four Companies $7 Million for Misleading Cybersecurity Disclosures: Cyber Security Today for Thursday, October 23, 2024SEC Fines, WordPress Hacks, & Okta's New Security Standards | Cybersecurity Today Join host Jim Love in this episode of Cybersecurity Today, sponsored by CDW Canada Tech Talks. We delve into the SEC's $7 million fine on four companies for misleading cybersecurity disclosures, the…CYBERSECURITYTODAY.LIBSYN.COM
24 OctUnderstanding the Initial Stages of Web Shell and VPN Threats: An MXDR AnalysisWhile cyberattacks that employ web shells and VPN compromise are not particularly novel, they are still prevalent. The recent incidents that Trend Micro MXDR analyzed highlight the importance of behavioral analysis and anomaly detection in security measures.TRENDMICRO.COM
24 OctNew malware family NotLockBit aims ransomware attacks toward macOSsubmitted by kid to cybersecurity 1 points | 0 comments https://www.scworld.com/news/new-malware-family-notlockbit-aims-ransomware-attacks-toward-macosSH.ITJUST.WORKS
24 OctEmbargo Ransomware Gang Deploys Customized Defense Evasion Toolssubmitted by kid to cybersecurity 1 points | 0 comments https://www.infosecurity-magazine.com/news/embargo-ransomware-defense-evasion/SH.ITJUST.WORKS
24 OctRansomware-Attacke auf Medienhaus IDEAsrcset="https://b2b-contenthub.com/wp-content/uploads/2024/10/shutterstock_2118353690.jpg?quality=50&strip=all 6720w, https://b2b-contenthub.com/wp-content/uploads/2024/10/shutterstock_2118353690.jpg?resize=300%2C168&quality=50&strip=all 300w, https://b2b-contenthub.c…CSOONLINE.COM
24 Oct3 proven use cases for AI in preventative cybersecurityIBM’s Cost of a Data Breach Report 2024 highlights a ground-breaking finding: The application of AI-powered automation in prevention has saved organizations an average of $2.2 million. Enterprises have been using AI for years in detection, investigation and response. Howeve…SECURITYINTELLIGENCE.COM
24 OctNew Qilin ransomware encryptor features stronger encryption, evasionA new Rust-based variant of the Qilin (Agenda) ransomware strain, dubbed 'Qilin.B,' has been spotted in the wild, featuring stronger encryption, better evasion from security tools, and the ability to disrupt data recovery mechanisms. [...]BLEEPINGCOMPUTER.COM
24 OctNew Qilin ransomware encryptor features stronger encryption, evasionsubmitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/new-qilin-ransomware-encryptor-features-stronger-encryption-evasion/SH.ITJUST.WORKS
24 OctNotLockBit: ransomware discovery serves as wake-up call for Mac usersHistorically, Mac users haven't had to worry about malware as much as their Windows-using cousins. But that doesn't mean that Mac users should be complacent. And the recent discovery of a new malware strain emphasises that the threat - even if much smaller than on Windows - remai…TRIPWIRE.COM
24 OctNew Qilin.B Ransomware Variant Emerges with Improved Encryption and Evasion TacticsCybersecurity researchers have discovered an advanced version of the Qilin ransomware sporting increased sophistication and tactics to evade detection. The new variant is being tracked by cybersecurity firm Halcyon under the moniker Qilin.B. "Notably, Qilin.B now supports AES-256…THEHACKERNEWS.COM
24 OctUnforeseen Risks to Medical Devices in Ransomware AttacksWhile ransomware attacks against medical devices don't happen often, disruptive cyber incidents that affect the availability of the IT systems that medical devices rely on are a big concern that needs the industry's critical attention, said Jessica Wilkerson of the FDA.DATABREACHTODAY.CO.UK
24 OctUnitedHealth says Change Healthcare data breach affects over 100 million people in AmericaHealth insurance giant UnitedHealth blamed a ransomware gang for the data breach that included a substantial proportion of America's health data. © 2024 TechCrunch. All rights reserved. For personal use only.TECHCRUNCH.COM
24 OctUnitedHealth says data of 100 million stolen in Change Healthcare hackUnitedHealth has confirmed for the first time that over 100 million people had their personal information and healthcare data stolen in the Change Healthcare ransomware attack, marking this as the largest healthcare data breach in recent years. [...]BLEEPINGCOMPUTER.COM
24 OctUnitedHealth says data of 100 million stolen in Change Healthcare breachUnitedHealth has confirmed for the first time that over 100 million people had their personal information and healthcare data stolen in the Change Healthcare ransomware attack, marking this as the largest healthcare data breach in recent years. [...]BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE 15[−]
24 OctISC Stormcast For Thursday, October 24th, 2024 https://isc.sans.edu/podcastdetail/9194, (Thu, Oct 24th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
24 OctPenn State Settles for $1.25M Over Failure to Comply With DoD, NASA Cybersecurity RequirementsThe Penn State university has agreed to pay $1.25 million to settle alleged failure to meet cybersecurity requirements for DoD and NASA contracts. The post Penn State Settles for $1.25M Over Failure to Comply With DoD, NASA Cybersecurity Requirements appeared first on SecurityWee…SECURITYWEEK.COM
24 OctAttackers Target Crypto Wallets Using Codeless Webflow Phishing Pagessubmitted by kid to cybersecurity 1 points | 0 comments https://www.netskope.com/blog/attackers-target-crypto-wallets-using-codeless-webflow-phishing-pagesSH.ITJUST.WORKS
24 OctNew Grandoreiro Banking Malware Variants Emerge with Advanced Tactics to Evade Detectionsubmitted by kid to cybersecurity 1 points | 0 comments https://thehackernews.com/2024/10/new-grandoreiro-banking-malware.htmlSH.ITJUST.WORKS
24 Oct'Prometei' Botnet Spreads its Cryptojacker Worldwidesubmitted by kid to cybersecurity 1 points | 0 comments https://www.darkreading.com/threat-intelligence/prometei-botnet-cryptojacker-worldwideSH.ITJUST.WORKS
24 OctNew Malware WarmCookie Targets Users with Malicious Linkssubmitted by kid to cybersecurity 1 points | 0 comments https://www.infosecurity-magazine.com/news/malware-warmcookie-users-malicious/SH.ITJUST.WORKS
24 Oct‘Deceptive Delight’ Jailbreak Tricks Gen-AI by Embedding Unsafe Topics in Benign NarrativesDeceptive Delight is a new AI jailbreak that has been successfully tested against eight models with an average success rate of 65%. The post ‘Deceptive Delight’ Jailbreak Tricks Gen-AI by Embedding Unsafe Topics in Benign Narratives appeared first on SecurityWeek .SECURITYWEEK.COM
24 OctMisconfigured UN Database Exposes 228GB of Gender Violence Victims' Datasubmitted by kid to cybersecurity 1 points | 0 comments https://hackread.com/misconfigured-un-database-gender-violence-victims-data/SH.ITJUST.WORKS
24 OctHere's What I Would Do If I Could Start Over In Cybersecurity...submitted by pantherina to cybersecurity 0 points | 0 comments https://www.youtube.com/watch?v=T95SQRDFbVI (His videos are often very lengthy and beating around the bush, so here is a short summary) Learn basics of IT, Hardware, Software, OS, Networking Like CompTIA A+, Networkin…SH.ITJUST.WORKS
24 Oct[2025 Is Too Late] - European Companies Must Act Now Against AI-Powered Cyber ThreatsEuropean Organizations Can't Afford to Wait: Critical Cybersecurity Threats Demand Immediate ActionKNOWBE4.COM
24 OctSecure By Default - How do we get there? - Andy Syrewicze - PSW #848Andy drops some Microsoft Windows and 365 knowledge as we discuss the details on how we get to secure by default in our Windows and cloud environments. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-848YOUTUBE.COM
24 OctApple Opens Private Cloud Compute for Public Security InspectionCupertino said the research lab and tooling offers “verifiable transparency” of its promises to secure AI-powered data on its platforms. The post Apple Opens Private Cloud Compute for Public Security Inspection appeared first on SecurityWeek .SECURITYWEEK.COM
24 OctWhy Security is Everyone’s Job Now→Subscribe to our podcasts: https://securityweekly.com/subscribe →Join our community Discord: https://securityweekly.com/discord #SecurityWeekly #Cybersecurity #InformationSecurityYOUTUBE.COM
24 OctElectric Vehicle Charging Stations at Risk From Hack AttacksMany Charging Cable Interfaces Have Exposed SSH and HTTP Ports, Researchers Warn Researchers demonstrated that multiple brands of EV charging stations have vulnerabilities due to manufacturers often leaving open and unsecured SSH and HTTP ports. The risks of these vulnerabilities…DATABREACHTODAY.CO.UK
24 OctSocure to Fortify Identity Services With $136M Effectiv BuyEffectiv's 30-Person Team to Streamline Identity Services, Help Socure Grow Revenue Socure has acquired Effectiv, integrating its engineering team of 30 to strengthen identity verification capabilities. The $136 million deal aims to speed up customer onboarding, enhance transacti…DATABREACHTODAY.CO.UK
🌐 CYBER THREAT LANDSCAPE 1[−]
🎙️ PODCASTS 1[−]
24 OctESET Research Podcast: CosmicBeetleLearn how a rather clumsy cybercrime group wielding buggy malicious tools managed to compromise a number of SMBs in various parts of the worldWELIVESECURITY.COM
📡 INFOSEC NEWS 9[−]
24 OctSecurity and privacy settings in adidas Running | Kaspersky official blogHow to set up privacy in the adidas Running (Runtastic) app to prevent leaks of personal data.KASPERSKY.COM
24 OctIreland fines LinkedIn €310 million over targeted advertisingLinkedIn received a €310 million fine from the Irish Data Protection Commission for violating European Union's law related to the processing of personal data for behavioral analysis and targeted advertising. [...]BLEEPINGCOMPUTER.COM
24 OctApple will pay security researchers up to $1 million to hack its private AI cloudAhead of the debut of Apple’s private AI cloud next week, dubbed Private Cloud Compute, the technology giant says it will pay security researchers up to $1 million to find vulnerabilities that can compromise the security of its private AI cloud. In a post on Apple’s s…TECHCRUNCH.COM
24 OctFrom SD-WAN to SASE: Networking’s Next Big Evolution!The way we think about network connectivity and security is evolving fast! 🌐 Legacy designs focused on point-to-point connections, but with users and apps everywhere, that's no longer enough. Enter SD-WAN and SASE, bringing the next big leap in networking. 💻 Discover how hybrid a…YOUTUBE.COM
24 OctWindows 11 24H2 KB5044384 update fixes sfc /scannow corrupt file errorsMicrosoft has released the optional KB5044384 preview cumulative update for Windows 11 24H2, which includes twenty-four changes, including a bug that caused the sfc /scannow command to always display corrupt file errors. [...]BLEEPINGCOMPUTER.COM