In this episode of Cybersecurity Today, host Jim Love delves into Elon Musk’s claim that a DDoS attack delayed his live interview with Donald Trump, the revelation of a massive data breach compromising most U.S. social security numbers, and CrowdStrike’s…
Zoom Fixes Critical Vulnerabilities Allowing Privilege Escalation
Zoom Video Communications has recently disclosed several critical vulnerabilities affecting its Workplace Apps, SDKs, and Rooms Clients. These vulnerabilities, identified in multiple security bulletins, pose significant risks, potentially allowing attackers to escalate privileges on affected systems. The issues impact users…
Malware Loaders Dominate Cybersecurity Threats in 2024
Malware loaders are a significant threat in the cybersecurity landscape, with nearly 40% of all malware observed in critical security incidents involving these specialized tools. Among the most prevalent loaders are “SocGholish,” “GootLoader,” and “Raspberry Robin,” which have been frequently…
Mobile security settings useful to block thieves in extracting data and money
In recent months, Britain has seen a concerning increase in smartphone thefts. Whether on the tube, during transit, or simply walking home, thieves are seizing every opportunity to target unsuspecting smartphone users. To help you safeguard your data and finances…
Can Hackers Track Down a User Based on Google Maps Usage?
In an age where digital privacy concerns are at an all-time high, the potential for hackers to track users through their Google Maps usage raises significant alarm. Google Maps, a widely-used navigation tool, provides invaluable convenience in everyday life, but…
When Disinformation Floods the Internet, Preserving Truth Requires Proper Equipment
The World Wide Web is the greatest tool for sharing information humankind has ever created. Unfortunately, lies and fake news spread over the Internet just as well. It is so easy for disinformation to proliferate online that it takes the…
China-Backed Earth Baku Expands Cyber Attacks to Europe, Middle East, and Africa
The China-backed threat actor known as Earth Baku has diversified its targeting footprint beyond the Indo-Pacific region to include Europe, the Middle East, and Africa starting in late 2022. Newly targeted countries as part of the activity include Italy, Germany,…
Critical Flaw in Ivanti Virtual Traffic Manager Could Allow Rogue Admin Access
Ivanti has rolled out security updates for a critical flaw in Virtual Traffic Manager (vTM) that could be exploited to achieve an authentication bypass and create rogue administrative users. The vulnerability, tracked as CVE-2024-7593, has a CVSS score of 9.8…
Microsoft Issues Patches for 90 Flaws, Including 10 Critical Zero-Day Exploits
Microsoft on Tuesday shipped fixes to address a total of 90 security flaws, including 10 zero-days, of which six have come under active exploitation in the wild. Of the 90 bugs, seven are rated Critical, 79 are rated Important, and…
Email Breach Report 2024: The Most Vulnerable Names and Providers Exposed
In 2024, email breaches continue to pose a significant threat to personal and corporate security, with millions of email addresses exposed in data hacks. An email breach occurs when malicious actors infiltrate a company’s system, stealing customer data, including email…
IntelOwl: Open-source threat intelligence management
IntelOwl is an open-source solution designed for large-scale threat intelligence management. It integrates numerous online analyzers and advanced malware analysis tools, providing comprehensive insights in one platform. “In late 2019, I faced a significant challenge while working as a cybersecurity…
Delta vs. CrowdStrike: The duties vendors owe to customers – or do they?
In a potentially groundbreaking dispute, Delta Air Lines is threatening to sue CrowdStrike, a leading cybersecurity firm, for alleged negligence and breach of contract. This case brings to the forefront critical questions about the duties vendors owe to their customers…
NIST Debuts First Set of Finalized Post-Quantum Encryption Standards
The US Department of Commerce’s National Institute of Standards and Technology (NIST) has officially released its first set of finalized encryption standards designed to withstand attacks from quantum computers. These post-quantum encryption standards are expected to secure a wide array…
Cybersecurity jobs available right now: August 14, 2024
Cloud Security Specialist EPAM Systems | Chile | Remote – View job details As a Cloud Security Specialist, you will be responsible for creating and maintaining security policies and assisting in the implementation and automation of security solutions within cloud…
Current attacks, targets, and other threat landscape trends
In this Help Net Security video, Kendall McKay, Strategic Lead, Cyber Threat Intelligence at Cisco Talos, discusses the trends that Cisco Talos incident response observed in incident response engagements from Q2 2024, which covers April to June. While the attacks…
What We Know About Suspected Iranian Cyber Intrusion in the US Presidential Race
U.S. State Department officials declined to speculate on allegations that Iran was behind the hack, but a spokesperson said it would be in keeping with Tehran’s past use of cyberattacks and deception. The post What We Know About Suspected Iranian…
NIST releases finalized post-quantum encryption standards
NIST has finalized its principal set of encryption algorithms designed to withstand cyberattacks from a quantum computer. The announced algorithms are specified in the first completed standards from NIST’s post-quantum cryptography (PQC) standardization project and are ready for immediate use.…
Cybercrime mit Angler Exploit-Kit: Bandenführer kommt in den USA vor Gericht
Fast 10 Jahre lang wurden die Cyberkriminellen hinter dem Exploit-Kit Angler gesucht. Jetzt wird der Anführer der Bande in den USA vor Gericht gestellt. Dieser Artikel wurde indexiert von heise Security Lesen Sie den originalen Artikel: Cybercrime mit Angler Exploit-Kit:…
A Letter From Our CEO
Let me begin with a strong and sincere apology for a recent marketing decision at an event hosted by Palo Alto Networks during Black Hat in Las Vegas. The post A Letter From Our CEO appeared first on Palo Alto…
ISC Stormcast For Wednesday, August 14th, 2024 https://isc.sans.edu/podcastdetail/9096, (Wed, Aug 14th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Wednesday, August 14th, 2024…
NIST finalizes trio of post-quantum encryption standards
Nicely ahead of that always-a-decade-away moment when all our info becomes an open book The National Institute of Standards and Technology (NIST) today released the long-awaited post-quantum encryption standards, designed to protect electronic information long into the future – when…
Patch Tuesday brings 90 new Microsoft CVEs, six already under exploit
Plus more pain for Intel which fixed 43 bugs, SAP and Adobe also in on the action Patch Tuesday Microsoft has disclosed 90 flaws in its products – six of which have already been exploited – and four others that…
Transform Your MSP’s Financial Future
Learn How Kaseya is Changing the Game for MSPs The post Transform Your MSP’s Financial Future appeared first on Kaseya. The post Transform Your MSP’s Financial Future appeared first on Security Boulevard. This article has been indexed from Security Boulevard…
VERT Threat Alert: August 2024 Patch Tuesday Analysis
Today’s VERT Alert addresses Microsoft’s August 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1119 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2024-38178 CVE-2024-38178 describes a vulnerability in the…