A critical vulnerability, named ‘BatBadBut’, impacts multiple programming languages; its exploitation can lead to command injection in Windows applications. The cybersecurity researcher RyotaK (@ryotkak) discovered a critical vulnerability, dubbed BatBadBut, which impacts multiple programming languages. When specific conditions are satisfied,…
Tag: EN
Offensive Security Necessitates a Data-driven Approach for CISOs
There remains a significant disparity in utilisation of resources between defensive and offensive cybersecurity technologies. When comparing the return on investment (ROI) for defensive and offensive investments, security experts discovered that offensive security routinely outperforms defensive security. For example,…
Unmasking the “Golden Top” Cybercrime Syndicate: Zambia’s Battle Against Deception
Zambia has exposed a sophisticated Chinese cybercrime syndicate that preyed on unsuspecting victims across the globe. The operation, which unfolded during a multi-agency raid, led to the apprehension of 77 individuals, including 22 Chinese nationals. This case sheds light on…
AI’s Role in Averting Future Power Outages
Amidst an ever-growing demand for electricity, artificial intelligence (AI) is stepping in to mitigate power disruptions. Aseef Raihan vividly recalls a chilling night in February 2021 in San Antonio, Texas, during winter storm Uri. As temperatures plunged to -19°C,…
U.S. Treasury Sanctions Hamas Spokesperson for Cyber Influence Operations
The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) on Friday announced sanctions against an official associated with Hamas for his involvement in cyber influence operations. Hudhayfa Samir ‘Abdallah al-Kahlut, 39, also known as Abu Ubaida, has served as…
Ex-Security Engineer Jailed 3 Years for $12.3 Million Crypto Exchange Thefts
A former security engineer has been sentenced to three years in prison in the U.S. for charges relating to hacking two decentralized cryptocurrency exchanges in July 2022 and stealing over $12.3 million. Shakeeb Ahmed, the defendant in question, pled guilty to one count of…
X’s URL Blunder Sparks Security Concerns
X, the social media platform formerly known as Twitter, recently grappled with a significant security flaw within its iOS app. The issue involved an automatic alteration of Twitter.com links to X.com links within Xeets, causing widespread concern among users.…
E-Challan Fraud, Man Loses Rs 50,000 Despite Not Sharing Bank OTP
In a cautionary tale from Thane, a 41-year-old man, M.R. Bhosale, found himself embroiled in a sophisticated online scam after his father fell victim to a deceptive text message. The incident sheds light on the dangers of trusting unknown…
Critical Palo Alto GlobalProtect Vulnerability Exploited (CVE-2024-3400), (Sat, Apr 13th)
On Friday, Palo Alto Networks released an advisory warning users of Palo Alto's GlobalProtect product of a vulnerability that has been exploited since March [1]. This article has been indexed from SANS Internet Storm Center, InfoCON: green.
House Passes Reauthorization of Key US Surveillance Program After Days of Upheaval Over Changes
The bill was approved on a bipartisan basis, 273-147, though it will still have to clear the Senate to become law.
Government spyware is another reason to use an ad blocker
Spyware makers are reportedly working on targeting individuals with stealthy data-stealing malware using online banner ads. This article has been indexed from Security News | TechCrunch.
Stay Safe This Tax Season: Fake Tax Apps Pushing Malware on the Rise
[By: Krishna Vishnubhotla, Vice President Product Strategy, Zimperium] Tax Day is just around the corner and it is vital for individuals and businesses to be hypervigilant of the tax apps we choose as there has been a significant rise in…
Windows Apps Vulnerable to Command Injection via “BatBadBut” Flaw
By Deeba Ahmed. Critical ‘BatBadBut’ Flaw in Windows Lets Hackers Inject Commands (Patch Now!) This is a post from HackRead.com.
Space Force Is Planning a Military Exercise in Orbit
Two satellites will engage in a “realistic threat response scenario” when Victus Haze gets underway. This article has been indexed from Security Latest.
From Alert Fatigue to Leadership Acumen: How MDR Empowers CISO Aspirations
[By: Nazar Tymosyk, CEO, UnderDefense Cybersecurity] The digital landscape is crawling with hidden cyber threats, demanding capable cybersecurity leadership more than ever. While technical expertise forms the foundation, career advancement for aspiring Chief Information Security Officers (CISOs) hinges on exceeding…
Keeping cybersecurity within focus as economic pressures take hold
[By Chase Richardson, Head of US & Lead Principal at Bridewell] The operators of US critical infrastructure are facing intense pressure due to cyber threats to their interconnected systems and networks. To bolster the sector’s defenses, the Biden-Harris Administration…
Roku Breach Hits 567,000 Users
Plus: Apple warns iPhone users about spyware attacks, CISA issues an emergency directive about a Microsoft breach, and a ransomware hacker tangles with an unimpressed HR manager named Beth. This article has been indexed from Security Latest.
Cybercriminals Employ Obfuscation in Invoice Phishing Malware Campaigns
An array of cunning cyberattack campaigns utilizing seemingly innocuous invoices to deliver malware attacks have been uncovered by cybersecurity researchers. In this deceptive campaign, malicious Scalable Vector Graphics (SVG) file attachments are embedded in phishing emails that have been…
Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack
Threat actors have been exploiting the newly disclosed zero-day flaw in Palo Alto Networks PAN-OS software dating back to March 26, 2024, nearly three weeks before it came to light yesterday. The network security company’s Unit 42 division is tracking the activity…
Cyber Attacks: The Need For an IT and Board-Level Understanding of the Risks
[By James Allman-Talbot, Head of Incident Response and Threat Intelligence at Quorum Cyber] According to IBM, the global average cost of a data breach in 2023 was 4.45 million, which was a 15% increase over three years. Microsoft notes…