As Paris prepares to host the 2024 Summer Olympic Games, athletes from around the world converge to represent their country. But beyond the cheers and medals lies a digital underworld…. The post Guarding the Games: Cybersecurity and the 2024 Summer…
Tag: EN
API Security Day – powered by APIDays & Escape
Join top industry experts at API Security Day, a focused event at APIDays Paris, to explore in-depth strategies and insights for protecting APIs. The post API Security Day – powered by APIDays & Escape appeared first on Security Boulevard. This…
watchTowr Finds New Zero-Day Vulnerability in Fortinet Products
The new vulnerability was named “FortiJump Higher” due to its similarity with the “FortiJump” vulnerability discovered in October This article has been indexed from www.infosecurity-magazine.com Read the original article: watchTowr Finds New Zero-Day Vulnerability in Fortinet Products
Programmer Sentenced To Five Years In Prison For Bitcoin Laundering
Ilya Lichtenstein sentenced to five years in prison for hacking into a virtual currency exchange Bitfinex and stealing 119,000 Bitcoin This article has been indexed from Silicon UK Read the original article: Programmer Sentenced To Five Years In Prison For…
Cybercriminals Launch SEO Poisoning Attack to Lure Shoppers to Fake Online Stores
The research revealed how threat actors exploit SEO poisoning to redirect unsuspecting users to malicious e-commerce websites, leveraging multiple SEO malware families to achieve their goal. Three distinct threat actor groups were identified, each employing a unique malware family, with…
Chinese SilkSpecter Hackers Attacking Black Friday Shoppers
SilkSpecter, a Chinese financially motivated threat actor, launched a sophisticated phishing campaign targeting e-commerce shoppers in Europe and the USA during the Black Friday shopping season. The campaign leveraged the legitimate payment processor Stripe to steal victims’ Cardholder Data (CHD)…
Iranian “Dream Job” Cyber Campaign Targets Aerospace Sector
In a new and sophisticated cyber campaign dubbed the “Iranian Dream Job Campaign,” the Iranian threat group TA455 is using deceptive job offers to infiltrate the aerospace industry, ClearSky Cyber Security reported. The campaign relies on distributing SnailResin malware, which…
Google Debuts Online Fraud and Scams Advisory
Google has launched a regular fraud and scams advisory to combat the growing volume and sophistication of online scams. Multinational crime entities are increasingly using advanced technology and complex schemes to target victims worldwide. To protect users and the broader…
Ransomware Attacks on Healthcare Sector Surge in 2024
Ransomware attacks on the healthcare sector surged in 2024, analysis from SafetyDetectives reveals. The year has already seen 264 attacks on healthcare providers by September, nearly surpassing the 268 attacks recorded for all of 2023. Escalating Cyber Threats SafetyDetectives argues…
Known Brand, Government Domains Hijacked via Sitting Ducks Attacks
Threat actors have hijacked over 70,000 domains, including known brands and government entities, because of failed domain ownership verification. The post Known Brand, Government Domains Hijacked via Sitting Ducks Attacks appeared first on SecurityWeek. This article has been indexed from…
Palo Alto Networks firewalls, Expedition under attack (CVE-2024-9463, CVE-2024-9465)
Attackers have been spotted exploiting two additional vulnerabilities (CVE-2024-9463, CVE-2024-9465) in Palo Alto Networks’ Expedition firewall configuration migration tool, CISA has confirmed on Thursday. About the vulnerabilities (CVE-2024-9463, CVE-2024-9465) CVE-2024-9463 allows unauthenticated attackers to run arbitrary OS commands as root…
Vietnamese Hacker Group Deploys New PXA Stealer Targeting Europe and Asia
A Vietnamese-speaking threat actor has been linked to an information-stealing campaign targeting government and education entities in Europe and Asia with a new Python-based malware called PXA Stealer. The malware “targets victims’ sensitive information, including credentials for various online accounts,…
Black Basta Ransomware Leveraging Social Engineering For Malware Deployment
Black Basta, a prominent ransomware group, has rapidly gained notoriety since its emergence in 2022 by employing sophisticated social engineering techniques to infiltrate target networks, often leveraging advanced malware to compromise systems undetected. Once inside, Black Basta extorts victims with…
Research Highlights SHA256 Password Security Strengths and Risks
A new study by Specops Software explores the resilience of SHA256, a commonly used cryptographic hashing algorithm, against modern password-cracking techniques. The findings emphasize the algorithm’s effectiveness in protecting data, especially when combined with strong, complex passwords. However, the research…
CISA Warns of Two More Palo Alto Expedition Flaws Exploited in Attacks
CISA has added two more Palo Alto Networks Expedition flaws, CVE-2024-9463 and CVE-2024-9465, to its KEV catalog. The post CISA Warns of Two More Palo Alto Expedition Flaws Exploited in Attacks appeared first on SecurityWeek. This article has been indexed…
Oscilar Cognitive Identity Intelligence Platform combats AI-powered fraud
Oscilar unveiled its Cognitive Identity Intelligence Platform to combat the rising tide of AI-powered fraud. The platform’s proprietary “Digital & Behavior Identification” technology transforms digital identity verification in an era where traditional solutions are increasingly vulnerable to sophisticated AI-enabled attacks.…
How AI Is Transforming IAM and Identity Security
In recent years, artificial intelligence (AI) has begun revolutionizing Identity Access Management (IAM), reshaping how cybersecurity is approached in this crucial field. Leveraging AI in IAM is about tapping into its analytical capabilities to monitor access patterns and identify anomalies…
British Students Warned of Smishing Scams
British students are being warned to be vigilant about a rise in smishing scams. The body that provides undergraduate funding, The Student Loans Company, has… The post British Students Warned of Smishing Scams appeared first on Panda Security Mediacenter. This…
Critical Laravel Vulnerability CVE-2024-52301 Allows Unauthorized Access
CVE-2024-52301 is a critical vulnerability identified in Laravel, a widely used PHP framework for building web applications. The vulnerability allows unauthorized access by exploiting improperly validated inputs, potentially leading to privilege escalation, data tampering, or full system compromise. Given Laravel’s…
U.S. CISA adds Palo Alto Networks Expedition bugs to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Palo Alto Networks Expedition bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following Palo Alto Networks Expedition vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog:…