A critical vulnerability in YouTube’s infrastructure allowed attackers to expose the email addresses tied to anonymous channels by combining flaws in Google’s account management system and an outdated Pixel Recorder API. The exploit chain, discovered by security researchers Brutecat and…
Category: EN
zkLend Hacked – $8.5M Stolen, Company offers 10% whitehat Bounty to Attacker
zkLend, a prominent decentralized finance (DeFi) protocol built on Ethereum’s Layer-2 zk-rollup technology, has fallen victim to a major security breach resulting in the theft of approximately 3,300 ETH, valued at around $8.5 million at current market prices. Unexpectedly, zkLend…
Experience from GAP Assessment Audits for NIS2 Compliance
The NIS2 (Directive (EU) 2022/2555 of the European Parliament and of the Council) imposes cybersecurity and information security compliance obligations on many organizations that previously had no such requirements. Most… The post Experience from GAP Assessment Audits for NIS2 Compliance…
Socure RiskOS boosts identity verification and fraud prevention
Socure announced its new RiskOS platform. RiskOS builds on Socure’s strategic acquisition of Effectiv by integrating its sophisticated orchestration and decisioning engine with Socure’s identity verification and fraud prevention solutions powered by its identity graph. As fraud continues to cost businesses hundreds…
Researchers Find New Exploit Bypassing Patched NVIDIA Container Toolkit Vulnerability
Cybersecurity researchers have discovered a bypass for a now-patched security vulnerability in the NVIDIA Container Toolkit that could be exploited to break out of a container’s isolation protections and gain complete access to the underlying host. The new vulnerability is…
Service Levels for MSSPs: Elevating Security-Specific Services
Introduction: The Critical Role of Service Levels in Managed Security Today’s managed service providers (MSPs) play a crucial role in safeguarding businesses against cyber threats. As the complexity and frequency of these threats increase exponentially, it’s becoming critical for MSPs…
Fake Etsy invoice scam tricks sellers into sharing credit card information
Etsy sellers are being targeted by scammers that use a legitimate Etsy domain to host their dodgy PDFs. This article has been indexed from Malwarebytes Read the original article: Fake Etsy invoice scam tricks sellers into sharing credit card information
Netwrix simplifies managing vendor and third-party access
Netwrix released the new component of Netwrix Privilege Secure, which simplifies secure remote access for distributed workforces and third-party vendors. The new add-on reduces the attack surface by eliminating traditional VPN dependencies through granular, identity-based access control. It enables employees to…
Exclusive: Massive IoT Data Breach Exposes 2.7 Billion Records
Massive IoT data breach exposed 2.7 billion records including Wi-Fi credentials This article has been indexed from www.infosecurity-magazine.com Read the original article: Exclusive: Massive IoT Data Breach Exposes 2.7 Billion Records
Apple Confirms ‘Extremely Sophisticated’ Exploit Threatening iOS Security
Apple fixes the USB Restricted Mode flaw in iOS 18.3.1 and iPadOS 18.3.1. Vulnerability exploited in targeted attacks.… This article has been indexed from Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News Read the original article: Apple Confirms ‘Extremely…
Hackers Allegedly Claiming Breach OmniGPT, 30,000+ User Accounts Exposed
Hackers have allegedly breached OmniGPT, a ChatGPT-like AI chatbot platform, exposing sensitive data of over 30,000 users. The leaked data reportedly includes email addresses, phone numbers, API keys, and over 34 million user-chatbot interactions. A post on a hacking forum…
Mirai Botnet Exploting Router Vulnerabilities to Gain Complete Device Control
A new wave of cyberattacks has surfaced, with a Mirai-based botnet exploiting a number of significant vulnerabilities in routers and smart devices, primarily targeting industrial and home networks worldwide. The Shadowserver Foundation recently shared on X the botnet’s active exploitation…
Crimelords and spies for rogue states are working together, says Google
Only lawmakers can stop them. Plus: software needs to be more secure, but what’s in it for us? Google says the the world’s lawmakers must take action against the increasing links between criminal and state-sponsored cyber activity.… This article has…
Drata to Acquire SafeBase in $250 Million Deal
Security and compliance automation firm Drata has acquired trust center platform SafeBase in a quarter billion dollar deal. The post Drata to Acquire SafeBase in $250 Million Deal appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Encryption Consulting enhances CodeSign Secure platform
Encryption Consulting announced significant updates to its CodeSign Secure platform, a comprehensive code-signing solution designed to address the challenges of software security in modern development environments. As organizations prioritize software integrity, authenticity, and compliance, the complexities of managing secure code-signing…
Ivanti, Fortinet Patch Remote Code Execution Vulnerabilities
Ivanti and Fortinet on Tuesday released patches for multiple critical- and high-severity vulnerabilities in their products. The post Ivanti, Fortinet Patch Remote Code Execution Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…
Nametag Adds Ability to Verify Identity of New Remote Workers
Nametag extended its identity verification platform enabling organizations to verify the identity of a remote worker they are considering. The post Nametag Adds Ability to Verify Identity of New Remote Workers appeared first on Security Boulevard. This article has been…
How to Steer AI Adoption: A CISO Guide
CISOs are finding themselves more involved in AI teams, often leading the cross-functional effort and AI strategy. But there aren’t many resources to guide them on what their role should look like or what they should bring to these meetings. …
OpenAI Rebuffs $97.4 Billion Buyout Offer From Elon Musk Group
“No thank you” says OpenAI CEO Sam Altman, after group of investors led by Elon Musk make $97bn buyout offer This article has been indexed from Silicon UK Read the original article: OpenAI Rebuffs $97.4 Billion Buyout Offer From Elon…
Researchers Breach Software Supply Chain and Secure $50K Bug Bounty
A duo of cybersecurity researchers uncovered a critical vulnerability in a software supply chain, landing them an extraordinary $50,500 bug bounty. The exploit, described as an “Exceptional Vulnerability,” not only exposed systemic flaws in software supply chain security but also…