A threat actor has allegedly put up for sale a database belonging to Bharat Petroleum Corporation Limited (BPCL). This alarming news was first reported by DarkWebInformer on X, raising significant cybersecurity concerns for the corporation and its stakeholders. Details of…
Category: EN
The Role of Zero Trust Architecture in Enhancing SSO Security
Securing virtual identities and entry points has become a critical priority as cyber threats grow more sophisticated. A Single Sign-On (SSO) system offers ease and allows multi-functionality with a single set of identity verification, but they are enticing targets for…
NESA Standard Ensures Security of UAE’s Cyberspace
To allay dependence on oil revenue and expand the private sector, the United Arab Emirates (UAE) has committed, in recent years, to establishing a knowledge-based economy. Consequently, they have become a formidable competitor in Information Communication Technology (ICT). As the…
Critical Flaws Found in VICIdial Contact Center Suite, PoC Published
Two critical vulnerabilities, CVE-2024-8503 (SQL Injection) and CVE-2024-8504 (Privilege Escalation), have been uncovered in the VICIdial Contact Center Suite, posing a major risk for call centers globally. This article has been indexed from Cyware News – Latest Cyber News Read…
Despite Russia warnings, Western critical infrastructure remains unprepared
‘Lives will be lost’ as Moscow ramps up offensive cyber military units Feature As Russian special forces push more overtly into online operations, network defenders should be on the hunt for digital intruders looking to carry out cyberattacks that end…
Intezer raises $33 million to further develop its AI-based security operations solution
Intezer announced that it has raised $33 million in Series C funding, bringing its total capital raised to $60 million. The funding round was led by Norwest Venture Partners, with participation from all existing investors, including Intel Capital, OpenView, Magma,…
Verimatrix XTD Network Monitoring provides real-time detection of malicious activities
Verimatrix intoduced its Verimatrix XTD Network Monitoring feature, expanding its suite of application cybersecurity solutions to combat evolving network-related threats. Verimatrix XTD has long been at the forefront of identifying and neutralizing mobile app cyberthreats. The new Verimatrix XTD Network…
Chrome Introduces One-Time Permissions and Enhanced Safety Check for Safer Browsing
Google has announced that it’s rolling out a new set of features to its Chrome browser that gives users more control over their data when surfing the internet and protects against online threats. “With the newest version of Chrome, you…
AT&T Agrees $13m FCC Settlement Over Cloud Data Breach
Telco giant AT&T will pay the FCC $13m to resolve a cloud breach investigation This article has been indexed from www.infosecurity-magazine.com Read the original article: AT&T Agrees $13m FCC Settlement Over Cloud Data Breach
Python Infostealer Patching Windows Exodus App, (Wed, Sep 18th)
A few months ago, I wrote a diary[1] about a Python script that replaced the Exodus[2] Wallet app with a rogue one on macOS. Infostealers are everywhere these days. They target mainly browsers (cookies, credentials) and classic applications that may…
VMware vCenter Server Vulnerability Let Attackers Escalate Privileges
VMware has issued a critical security advisory (VMSA-2024-0019) addressing two significant vulnerabilities in its vCenter Server and VMware Cloud Foundation products. CVE-2024-38812 and CVE-2024-38813 vulnerabilities could allow attackers to execute remote code and escalate privileges. CVE-2024-38812: Heap-Overflow Vulnerability The first…
Chrome 129 Released with Fix for Multiple Security Vulnerabilities
The Chrome team has officially announced the release of Chrome 129, which is now available on the stable channel for Windows, Mac, and Linux. This update, which will be gradually rolled out over the coming days and weeks, addresses several…
Did a Chinese University Hacking Competition Target a Real Victim?
Participants in a hacking competition with ties to China’s military were, unusually, required to keep their activities secret, but security researchers say the mystery only gets stranger from there. This article has been indexed from Security Latest Read the original…
Broadcom fixed Critical VMware vCenter Server flaw CVE-2024-38812
Broadcom addressed a critical vulnerability in the VMware vCenter Server that could allow remote attackers to achieve code execution. Broadcom released security updates to address a critical vulnerability, tracked as CVE-2024-38812 (CVSS score: 9.8), in VMware vCenter Server that could…
Cyware Joins Coalition for Secure AI (CoSAI) to Advance Safe and Ethical AI Technologies
Cyware joins CoSAI to help drive the development of secure and ethical AI technologies, addressing the urgent need for AI safety amid today’s rapidly evolving cyber threats. Cyware, a provider of threat intelligence management, security collaboration, and orchestrated response, has…
Deadly Pager Explosions in Lebanon Linked to Possible Supply Chain Attack
Yesterday, Reuters reported that multiple explosions involving communication devices used by Hezbollah resulted in at least nine deaths and over 3000 injuries across Lebanon. Among those wounded were Hezbollah fighters, medics, and Iran’s ambassador to Lebanon, Mojtaba Amani, who sustained…
Apache Flaw: High Severity Vulnerability Fix Via Update
Organizations worldwide leverage technological solutions for increased efficiency and productivity. However, given the rapid advancements of online threats, using such solutions does come with some risks. The recently discovered Apache flaw is a fine example of such risks. In this article,…
Building a Secure Linux Environment for Enterprise Applications
Enterprises today face sophisticated attacks that are often targeted, persistent, and difficult to detect. Keep your Linux environment secure with automated live patching to apply security updates without downtime. Configure firewalls and secure communication protocols to protect network applications…
Hydden raises $4.4 million to improve identity security
Hydden announced that it has closed $4.4 million in seed funding led by Access Venture Partners. Other investors include Lockstep, the venture fund of CISOs Rinki Sethi and Lucas Moody, Service Provider Capital, and several cybersecurity angel investors including Andy…
CISA Issues Advice to Help Eliminate XSS Bugs
The US Cybersecurity and Infrastructure Security Agency is trying to eradicate cross-site scripting vulnerabilities This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Issues Advice to Help Eliminate XSS Bugs