It was a year of devastating cyberattacks around the globe, from ransomware attacks on casinos to state-sponsored breaches of critical infrastructure. This article has been indexed from Security Latest Read the original article: The Worst Hacks of 2023
Category: EN
Vulnerabilities in Google Kubernetes Engine Could Allow Cluster Takeover
Two flaws in Google Kubernetes Engine could be exploited to escalate privileges and take over the Kubernetes cluster. The post Vulnerabilities in Google Kubernetes Engine Could Allow Cluster Takeover appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
CERT-UA Uncovers New Malware Wave Distributing OCEANMAP, MASEPIE, STEELHOOK
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign orchestrated by the Russia-linked APT28 group to deploy previously undocumented malware such as OCEANMAP, MASEPIE, and STEELHOOK to harvest sensitive information. The activity, which was detected by the agency between December…
Its Groundhog Day at Microsoft! Vulnerability patched again
Remember the movie Groundhog Day? Bull Murray plays a rather self-centered weatherman who finds himself in a time loop on Groundhog Day. Windows administrators may have similar feelings to Murray’s in regards […] Thank you for being a Ghacks reader.…
Europe’s Largest Parking App Provider Informs Customers of Data Breach
EasyPark says hackers stole European customer information, including partial IBAN or payment card numbers. The post Europe’s Largest Parking App Provider Informs Customers of Data Breach appeared first on SecurityWeek. This article has been indexed from SecurityWeek RSS Feed Read…
Critical Apache OFBiz Vulnerability in Attacker Crosshairs
Shadowserver sees possible in-the-wild exploitation of a critical Apache OFBiz vulnerability tracked as CVE-2023-49070. The post Critical Apache OFBiz Vulnerability in Attacker Crosshairs appeared first on SecurityWeek. This article has been indexed from SecurityWeek RSS Feed Read the original article:…
Google Settles $5bn Web Tracking Lawsuit
Settlement not disclosed after Google ends web tracking lawsuit with Chrome browser in “private” or “incognito” mode This article has been indexed from Silicon UK Read the original article: Google Settles $5bn Web Tracking Lawsuit
Operations, Trading of Eagers Automotive Disrupted by Cyberattack
Eagers Automotive, a vehicle dealer in Australia and New Zealand, has halted trading after being targeted in a cyberattack. The post Operations, Trading of Eagers Automotive Disrupted by Cyberattack appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
Digital Battlefields: Artists Employ Technological Arsenal to Combat AI Copycats
Technology is always evolving, and the art field has been on the frontline of a new battle as a result – the war against artificial intelligence copycats. In the fast-paced world of artificial intelligence, it is becoming more and…
Develop Valuable Security and Risk Management Skills for Just $30 Through 1/1
With cyberthreats and cyberattacks always on the rise, developing security and risk management skills could be one of the best moves for your business or career. This article has been indexed from Security | TechRepublic Read the original article: Develop…
New Version of Meduza Stealer Released in Dark Web
The Resecurity’s HUNTER unit spotted a new version of the Meduza stealer (version (2.2)) that was released in the dark web. On Christmas Eve, Resecurity’s HUNTER unit spotted the author of perspective password stealer Meduza has released a new version…
Kimsuky Hackers Deploying AppleSeed, Meterpreter, and TinyNuke in Latest Attacks
Nation-state actors affiliated to North Korea have been observed using spear-phishing attacks to deliver an assortment of backdoors and tools such as AppleSeed, Meterpreter, and TinyNuke to seize control of compromised machines. South Korea-based cybersecurity company AhnLab attributed the activity…
CEO arranged his own cybersecurity, with predictable results
Cleaning up after hackers is easy compared to surviving the politics of consultancy On Call It’s the last Friday of 2023, but because the need for tech support never goes away neither does On Call, The Register’s Friday column in…
Indian IT Leaders Identify Security Gap in Data Policies
A recent study by Rubrik, a US-based data security firm, has bare concerning reality within the Indian IT sector: an alarming 49% of IT leaders feel that security remains a glaring omission within their organization’s data policies. This discovery sheds…
Microsoft Disables MSIX App Installer Protocol Widely Used in Malware Attacks
Microsoft on Thursday said it’s once again disabling the ms-appinstaller protocol handler by default following its abuse by multiple threat actors to distribute malware. “The observed threat actor activity abuses the current implementation of the ms-appinstaller protocol handler as an access vector…
Beware of this Instagram trend that compromise Data Privacy
In today’s modern era, the concept of privacy in our daily lives seems elusive, given the widespread sharing of personal details on various social media platforms. From Facebook and Instagram to WhatsApp, Twitter, and even the notorious Telegram, users often…
Navigating Cloud Security: A Comparative Analysis of IaaS, PaaS, and SaaS
In the era of digital transformation, businesses are increasingly leveraging cloud computing services to enhance agility, scalability, and efficiency. However, the paramount concern for organizations considering a move to the cloud is the security of their data and operations. This…
Why you need to extend enterprise IT security to the mainframe
Organizations with mainframes face a unique challenge: extending consistency across the entire enterprise, including mainframe environments. The ongoing issue lies in the incompatibility of tools designed for both mainframes and enterprise settings, resulting in disparate solutions, training methods, and user…
API security in 2024: Predictions and trends
As technology continues to advance at an unprecedented pace, so does the complexity of API (application programming interface) security. With the proliferation of APIs in modern applications and services, organizations will need to develop a better understanding of their API…
AI software market to hit $307 billion by 2027
The worldwide revenue for AI software will reach $307 billion in 2027, according to IDC. The forecast for AI-centric software includes Artificial Intelligence Platforms, AI Applications, AI System Infrastructure Software (SIS), and AI Application Development and Deployment (AD&D) software (excluding…