Attackers have developed multiple techniques to bypass reputation-based security controls like Windows Smart App Control, allowing them initial access to environments without triggering alerts. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…
Tag: EN
Police Shield Communications from Public Scrutiny with Encryption
A police radio transmission went silent in Aurora, Colorado, in 2016, and then in Denver, Colorado, in 2019. Many journalists are used to using newsroom scanners to monitor police radio communications to identify any newsworthy events as soon as…
Elastic automates SIEM data onboarding with Automatic Import
Elastic is accelerating the adoption of AI-driven security analytics by automating SIEM data onboarding with Automatic Import. This new feature — the only one of its kind for a security analytics or SIEM solution — automates the development of custom…
Cequence Unified API Protection defends against attacks targeting AI applications
Cequence introduced advancements to its Unified API Protection (UAP) platform, specifically tailored to support the secure use of AI applications like Generative AI and Large Language Models (LLMs). Cequence’s solutions protect applications deployed in the cloud, on-premises, and hybrid environments,…
AppSOC launches new AI security capabilities for enhanced governance and protection
AppSOC has launched capabilities for safeguarding artificial intelligence (AI) applications and agents while providing the visibility and governance that enterprises need to leverage AI with confidence. Businesses across sectors are recognizing the immense potential of AI, but the rush to…
Roundcube flaws allow easy email account compromise (CVE-2024-42009, CVE-2024-42008)
Two cross-site scripting vulnerabilities (CVE-2024-42009, CVE-2024-42008) affecting Roundcube could be exploited by attackers to steal users’ emails and contacts, email password, and send emails from their account. About the vulnerabilities Roundcube is an open-source webmail software solution popular with European…
Tech Contractor Exposes Data of 4.6 Million US Voters
A US technology contractor has inadvertently exposed the personal data of 4.6 million voters and election documents from multiple counties in Illinois, sparking significant concerns over election security and voter privacy. The databases, managed by Platinum Technology Resource, were found…
UK health services call-handling vendor faces $7.7M fine over 2022 ransomware attack
Nearly 83,000 people had their data stolen amid chaos that struck NHS healthcare The UK’s data protection watchdog says it plans to fine a managed software provider to the NHS £6.09 million ($7.7 million) for failings that led to a…
Chrome, Firefox Updates Patch Serious Vulnerabilities
A Chrome 127 update patches five vulnerabilities, and Firefox 129 addresses over a dozen security holes. The post Chrome, Firefox Updates Patch Serious Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek RSS Feed Read the original…
Flashpoint Ignite and Echosec deliver threat intelligence for enhanced protection
Flashpoint has released new features and capabilities to its flagship platform, Flashpoint Ignite, and Echosec, its comprehensive location intelligence solution. Those working in security and threat analysis are at the forefront of the constantly evolving threat landscape. However, each organization…
D3 enhances Smart SOAR Platform with Ace AI
D3 has announced the release of Ace AI, a collection of new capabilities for D3’s Smart SOAR platform that leverage the power of artificial intelligence to make security operations faster and more intuitive. In a security operations climate where excessive…
EQT takes a majority stake in cybersecurity firm Acronis at $3.5B+ valuation
Cybersecurity remains a white-hot space for investors. In the latest example of that demand, EQT has bought a majority stake in Acronis, a security company that specializes in data protection, cloud and integrated security solutions for managed service providers (which…
Cymulate AI Copilot validates security against real-time threats
Cymulate AI Copilot is a generative AI solution designed to deploy, test and tune security controls to evaluate their effectiveness against real-time threats. The solution offers a dynamic attack planner, among other AI-powered features, for greater insights into cybersecurity control…
Contrast Security ADR enables teams to identify vulnerabilities, detect threats, and stop attacks
Contrast Security introduced Application Detection and Response (ADR), which empowers security teams to identify vulnerabilities, detect threats, and stop attacks that target custom applications and APIs. Today’s layered “detection and response” security defenses have a gap. They provide visibility into…
XDSpy Hackers Attacking Users to Steal Sensitive Data
The notorious threat actor group XDSpy has been reported to target organizations in Russia and Moldova. The sophisticated phishing malware campaign aims to steal sensitive data through well-coordinated attack chains. Spear-phishing emails as the Initial Vector According to the Broadcom…
EQT takes a majority stake in cybersecurity firm Acronis at a $3.5B+ valuation
Cybersecurity remains a white-hot space for investors, and in the latest deal, EQT is taking a majority stake in Acronis, a security company that specializes in data protection, cloud and integrated security solutions for managed service providers (who in turn…
Chameleon Android Banking Trojan Targets Users Through Fake CRM App
Cybersecurity researchers have lifted the lid on a new technique adopted by threat actors behind the Chameleon Android banking trojan targeting users in Canada by masquerading as a Customer Relationship Management (CRM) app. “Chameleon was seen masquerading as a CRM…
Britain NHS Software provider to face Ransomware penalty of £ 6 million
NHS England has been making headlines since 2017 due to ongoing cyber attacks and ransomware incidents. Recently, the non-profit organization is in the news again, this time because of a £6 million fine related to a 2022 ransomware attack that…
Can a Bitcoin Ban Help Stop Ransomware Attacks
As ransomware attacks continue to escalate, with cybercriminals demanding hefty ransoms paid in cryptocurrencies like Bitcoin, there is growing debate over whether banning Bitcoin could be an effective strategy to curb these attacks. While a ban on Bitcoin might seem…
Chrome Security Update: Patch for Multiple Vulnerabilities
Google has announced a critical security update for its Chrome browser, addressing several vulnerabilities that malicious actors could exploit. The Stable channel has been updated to version 127.0.6533.99/.100 for Windows and Mac and 127.0.6533.99 for Linux. This update will be…