The Dutch data protection regulator has imposed a €290m GDPR fine on Uber for storing driver data in the US without adequate safeguards This article has been indexed from www.infosecurity-magazine.com Read the original article: Uber Hit With €290m GDPR Fine
Category: EN
News Chrome 0-Day Vulnerability (CVE-2024-7965) Actively Exploited in the Wild
The Chrome team announced that Chrome 128 has been promoted to the stable channel for Windows, Mac, and Linux. This update, Chrome 128.0.6613.84/.85, includes numerous fixes and improvements. However, a critical security vulnerability, CVE-2024-7965, has been discovered and actively exploited…
Life in Cybersecurity: Expert Tips and Insights from a Cybersecurity Recruiter
One of the most challenging aspects of working in cybersecurity can be the deceptively simple act of finding the best job that suits your skillset and best fits the employer’s expectations. Whether it is an entry-level position, a lateral move,…
How Automation and AI are Transforming GRC Management
There is no doubt that we now live in an AI-driven, automation-powered world. Across industries and markets, leaders and professionals are achieving the utility of AI in their processes. The same applies to Governance, Risk, and Compliance (GRC) management, but…
Why Companies Need Real-Time Compliance
The need for real-time compliance has never been more critical. As regulatory landscapes evolve and become more complex, organizations face mounting pressure to ensure they remain compliant at all times. This shift from traditional, periodic audits to continuous, real-time compliance…
Centreon Issues Critical Security Update to Fix SQL Injection Vulnerabilities That Threaten IT Monitoring
These vulnerabilities, known as CVE-2024-32501, CVE-2024-33852, CVE-2024-33853, CVE-2024-33854, CVE-2024-5725, and CVE-2024-39841, pose a significant risk to organizations relying on Centreon for IT infrastructure monitoring. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…
Critical SSTI Flaw in WPML Plugin Exposes Millions of WordPress Sites to RCE Attacks
This vulnerability allows authorized users to inject and execute malicious code through the plugin’s shortcode feature, potentially leading to data theft and website takeover. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…
A Third of Organizations Suffer SaaS Data Breaches
AppOmni report claims number of companies suffering SaaS-related data breaches has jumped five percentage points over past year This article has been indexed from www.infosecurity-magazine.com Read the original article: A Third of Organizations Suffer SaaS Data Breaches
Vesra File Type Upload Vulnerability Lets Attackers Gain Sys-Admin Access from MSP
A critical vulnerability has been identified in Versa Director, a vital component of the company’s SD-WAN solution. The vulnerability, officially designated as CVE-2024-39717, allows attackers to upload potentially malicious files, granting them system administrator access. This issue explicitly affects users…
Exploiting the Windows Kernel via Malicious IPv6 Packets (CVE-2024-38063)
Performing a root cause analysis and building proof-of-concept for the recent August 2024 CVSS 9.0 TCP/IP RCE vulnerability This article has been indexed from MalwareTech Read the original article: Exploiting the Windows Kernel via Malicious IPv6 Packets (CVE-2024-38063)
Global Field Service Management Provider Exposes Nearly 32 Million Documents Online
Nearly 32 million documents, including invoices, contracts, and agreements, were exposed online by ServiceBridge, a global field service management provider. Cybersecurity researcher Jeremiah Fowler made the discovery, reporting the unprotected database to WebsitePlanet. The database contained 31.5 million records, including…
Gafgyt Botnet: Weak SSH Passwords Targeted For GPU Mining
A new variant of the Gafgy botnet has recently been discovered by cybersecurity researchers. As per media reports, the botnet appears to be machines with weak SSH passwords for mining crypto. In this article, we’ll dive into the details of…
Ransomware news headlines trending on Google
Patelco Credit Union Hit by Ransomware Attack Affecting 726,000 Customers Patelco Credit Union, a U.S. nonprofit financial institution, has disclosed a ransomware attack that compromised its IT systems on June 29 of this year. The attack was carried out by…
Google Warns of CVE-2024-7965 Chrome Security Flaw Under Active Exploitation
Google has revealed that a security flaw that was patched as part of a security update rolled out last week to its Chrome browser has come under active exploitation in the wild. Tracked as CVE-2024-7965, the vulnerability has been described…
Microsoft Fixes ASCII Smuggling Flaw That Enabled Data Theft from Microsoft 365 Copilot
Details have emerged about a now-patched vulnerability in Microsoft 365 Copilot that could enable the theft of sensitive user information using a technique called ASCII smuggling. “ASCII Smuggling is a novel technique that uses special Unicode characters that mirror ASCII…
How to prioritize data privacy in core customer-facing systems
Evolving global data privacy regulations are keeping marketers on their toes. In April 2024, the American Privacy Rights Act (APRA) was introduced in the Senate. The proposed bill would create a federal consumer privacy framework akin to the GDPR, which…
The Dutch Data Protection Authority (DPA) has fined Uber a record €290M
The Dutch Data Protection Authority (DPA) has fined Uber a record €290M for violating the EU data protection regulation while sending sensitive driver data to the U.S. The Dutch Data Protection Authority (DPA) has fined Uber €290 million ($324 million)…
Flights Disrupted at Seattle-Tacoma Airport Due to Possible Cyberattack
Seattle-Tacoma International Airport (SEA-TAC) appears to have been targeted by a cyberattack, with critical systems experiencing widespread internet outages for the third consecutive day, according to officials from the Port of Seattle. The disruptions, which began early on Saturday, have…
Evolving Cybersecurity: Aligning Strategy with Business Growth
The cybersecurity landscape is evolving at an unprecedented pace, driven by rapid technological advancements and increasingly sophisticated cyber threats. What was sufficient yesterday, will be lacking for tomorrow. Organizations must stay ahead of these changes to protect their assets and…
Half of enterprises suffer breaches despite heavy security investments
Data breaches have become an increasingly severe threat, with recent reports highlighting a surge in their frequency and cost. Understanding the latest trends and statistics surrounding data breaches is essential for developing effective strategies to safeguard sensitive information. This article…