U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Versa Director bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Versa Director Dangerous File Type Upload Vulnerability CVE-2024-39717 (CVSS score: 6.6) to its Known Exploited Vulnerabilities…
Tag: EN
Security Affairs newsletter Round 486 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Hackers can take…
Week in review: PostgreSQL databases under attack, new Chrome zero-day actively exploited
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: PostgreSQL databases under attack Poorly protected PostgreSQL databases running on Linux machines are being compromised by cryptojacking attackers. Vulnerabilities in Microsoft macOS apps may give…
New Linux Malware ‘sedexp’ Hides Credit Card Skimmers Using Udev Rules
Cybersecurity researchers have uncovered a new stealthy piece of Linux malware that leverages an unconventional technique to achieve persistence on infected systems and hide credit card skimmer code. The malware, attributed to a financially motivated threat actor, has been codenamed…
Telegram Founder Pavel Durov Arrested in France for Content Moderation Failures
Pavel Durov, founder and chief executive of the popular messaging app Telegram, was arrested in France on Saturday, according to French television network TF1. Durov is believed to have been apprehended pursuant to a warrant issued in connection with a…
Telegram Founder Pavel Durov Reportedly Arrested in France
Reports indicate Telegram founder Pavel Durov has been arrested in France. Allegations include inadequate moderation and aiding criminal… This article has been indexed from Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News Read the original article: Telegram Founder Pavel…
USENIX Security ’23 – TRust: A Compilation Framework For In-Process Isolation To Protect Safe Rust Against Untrusted Code
Authors/Presenters:Inyoung Bang and Martin Kayondo, Seoul National University; Hyungon Moon, UNIST (Ulsan National Institute of Science and Technology); Yunheung Paek, Seoul National University Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong…
Living with trust issues: The human side of zero trust architecture
Zero trust looks at every user, device and app with a bit of suspicion. But how does this impact psychological safety? This article has been indexed from Security News | VentureBeat Read the original article: Living with trust issues: The…
Hackers can take over Ecovacs home robots to spy on their owners
Recently, researchers warned vacuum and lawn mower robots made by Ecovacs could be hacked to spy on their owners, the company will fix it. During the recent Def Con hacking conference, security researchers Dennis Giese and Braelynn explained that attackers can…
PWA phishing on Android and iOS – Week in security with Tony Anscombe
Phishing using PWAs? ESET Research’s latest discovery might just ruin some users’ assumptions about their preferred platform’s security This article has been indexed from WeLiveSecurity Read the original article: PWA phishing on Android and iOS – Week in security with…
Misconfigured Access Controls in NetSuite Stores Cause Major Data Breach
Microsoft’s apps for MacOS have been exploited by hackers recently to expose a critical vulnerability. It is believed that hackers have been exploiting vulnerabilities in popular applications, such as Microsoft Outlook and Teams, to spy on Mac users. In…
Cybercriminals Place 85-Year-Old Woman Under ‘Digital Arrest’ in Hyderabad, Cheat Her of ₹5.9 Crore
Cybercriminals recently targeted an 85-year-old woman from the city, subjecting her to what can be described as a ‘digital arrest’ and extorting a staggering ₹5.9 crore from her. This elaborate scam involved convincing the elderly woman that her Aadhaar…
Oil Giant Halliburton Hit by Cyberattack, Certain Systems Affected
On Friday, oil firm Halliburton revealed further details to regulators regarding a recent attack that forced the shutdown of critical systems. The company told news outlets that it was struck by a cyberattack on Wednesday, which disrupted operations at…
Cyble Research Reveals Near-Daily Surge in Supply Chain Attacks
The prevalence of software supply chain attacks is on the rise, posing significant threats due to the extensive impact and severity of such incidents, according to threat intelligence researchers at Cyble. Within a six-month span from February to mid-August,…
Unicoin’s Four-Day Cyberattack: Disruption, Recovery, and Ongoing Investigation
Unicoin, a leading cryptocurrency company, experienced a cyberattack beginning on August 9, 2024, which severely disrupted its operations for nearly four days. The breach occurred when a hacker gained unauthorised access to the company’s Google G-Suite account, affecting all…
The Limitations of Traditional Network-Based Vulnerability Scanning – And the Systematic Underestimation of Software Risks
Introduction Recent NetRise research found that vulnerability risks are, on average, 200 times greater than what traditional network-based vulnerability scanners report! For years, traditional network-based vulnerability scanning has been a cornerstone of cybersecurity efforts for enterprise organizations. These scanners have…
Cybersecurity Strategy: Understanding the Benefits of Continuous Threat Exposure Management
The cybersecurity industry is littered with buzzwords, technologies and acronyms that can often be overwhelming for security professionals doing their best to keep up and ensure their organizations are being adequately protected. Naturally, it’s the leading analyst, research and consulting…
Data Security Posture Management (DSPM) is an Important First Step in Deploying Gen AI and Copilot Tools
Microsoft’s advanced AI assistant, Copilot, has gained significant traction in corporate environments and is rapidly changing how users interact with data across Microsoft 365 applications. Although Copilot introduces countless new possibilities, it has also brought challenges related to data access…
Massive Data Breach Worsens as New Details Emerge Across US, UK, and Canada
Several days ago, the company whose data breach could have potentially exposed all Americans’ Social Security numbers to identity thieves confirmed that they were victims of a data breach, stressing that they obtained even more sensitive data than previously…
Protecting Your Wallet: Understanding NGate Android Malware
A new and sophisticated malware has emerged, targeting the increasingly popular Near Field Communication (NFC) payment systems. Known as NGate, this Android malware has been discovered by ESET Research and poses a significant risk to users’ financial security. This blog…