Monthly Archives: August 2024

Researchers Identify Over 20 Supply Chain Vulnerabilities in MLOps Platforms

Cybersecurity researchers are warning about the security risks in the machine learning (ML) software supply...

26
Aug
Unpacking Slack Hacks: 6 Ways to Protect Sensitive Data with Secure Collaboration

Nowadays, sensitive and critical data is traveling in everyday business channels that offer only the...

26
Aug
Critical Flaws in Traccar GPS System Expose Users to Remote Attacks

Two security vulnerabilities have been disclosed in the open-source Traccar GPS tracking system that could...

26
Aug
New Android Malware NGate Steals NFC Data to Clone Contactless Payment Cards

Cybersecurity researchers have uncovered new Android malware that can relay victims’ contactless payment data from...

26
Aug
Telegram Founder Pavel Durov Arrested in France for Content Moderation Failures

Pavel Durov, founder and chief executive of the popular messaging app Telegram, was arrested in...

25
Aug
New Linux Malware ‘sedexp’ Hides Credit Card Skimmers Using Udev Rules

Cybersecurity researchers have uncovered a new stealthy piece of Linux malware that leverages an unconventional...

25
Aug
Brightening the outlook for security in the cloud
August 24, 2024

The NCSC’s Cloud Security Research Lead suggests some approaches to help you get confidence in...

CISA Urges Federal Agencies to Patch Versa Director Vulnerability by September

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has placed a security flaw impacting Versa...

24
Aug
Meta Exposes Iranian Hacker Group Targeting Global Political Figures on WhatsApp

Meta Platforms on Friday became the latest company after Microsoft, Google, and OpenAI to expose...

24
Aug
New PEAKLIGHT Dropper Deployed in Attacks Targeting Windows with Malicious Movie Downloads

Cybersecurity researchers have uncovered a never-before-seen dropper that serves as a conduit to launch next-stage...

23
Aug
Webinar: Experience the Power of a Must-Have All-in-One Cybersecurity Platform

Let’s be honest. The world of cybersecurity feels like a constant war zone. You’re bombarded...

23
Aug
Focus on What Matters Most: Exposure Management and Your Attack Surface

Read the full article for key points from Intruder’s VP of Product, Andy Hornegold’s recent...

23
Aug
New Qilin Ransomware Attack Uses VPN Credentials, Steals Chrome Data

The threat actors behind a recently observed Qilin ransomware attack have stolen credentials stored in...

23
Aug
New macOS Malware “Cthulhu Stealer” Targets Apple Users’ Data

Cybersecurity researchers have uncovered a new information stealer that’s designed to target Apple macOS hosts...

23
Aug
Latvian Hacker Extradited to U.S. for Role in Karakurt Cybercrime Group

A 33-year-old Latvian national living in Moscow, Russia, has been charged in the U.S. for...

23
Aug
Hardware Backdoor Discovered in RFID Cards Used in Hotels and Offices Worldwide

Cybersecurity researchers have uncovered a hardware backdoor within a particular model of MIFARE Classic contactless...

22
Aug
Hardcoded Credential Vulnerability Found in SolarWinds Web Help Desk

SolarWinds has issued patches to address a new security flaw in its Web Help Desk...

22
Aug
Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control

Details have emerged about a China-nexus threat group’s exploitation of a recently disclosed, now-patched security...

22
Aug
New ‘ALBeast’ Vulnerability Exposes Weakness in AWS Application Load Balancer

As many as 15,000 applications using Amazon Web Services’ (AWS) Application Load Balancer (ALB) for...

22
Aug
Safe Practices for Online Shopping: Guarding Against Bad Actors

Online shopping has revolutionized the way we purchase goods, offering convenience and accessibility like never...

22
Aug
The Facts About Continuous Penetration Testing and Why It’s Important

What is Continuous Attack Surface Penetration Testing or CASPT? Continuous Penetration Testing or Continuous Attack...

22
Aug
Google Fixes High-Severity Chrome Flaw Actively Exploited in the Wild

Google has rolled out security fixes to address a high-severity security flaw in its Chrome...

22
Aug
Critical Flaw in WordPress LiteSpeed Cache Plugin Allows Hackers Admin Access

Cybersecurity researchers have disclosed a critical security flaw in the LiteSpeed Cache plugin for WordPress...

22
Aug
GitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges

GitHub has released fixes to address a set of three security flaws impacting its Enterprise...

22
Aug
New Malware PG_MEM Targets PostgreSQL Databases for Crypto Mining

Cybersecurity researchers have unpacked a new malware strain dubbed PG_MEM that’s designed to mine cryptocurrency...

22
Aug
Microsoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive Data

Cybersecurity researchers have disclosed a critical security flaw impacting Microsoft’s Copilot Studio that could be...

21
Aug
North Korean Hackers Deploy New MoonPeak Trojan in Cyber Campaign

A new remote access trojan called MoonPeak has been discovered as being used by a...

21
Aug
NIST Releases Second Public Draft of Digital Identity Guidelines for Final Review
August 21, 2024

The guidance aims to ensure security, privacy and accessibility during the identity-proofing process for people...

It’s Time To Untangle the SaaS Ball of Yarn

It’s no great revelation to say that SaaS applications have changed the way we operate,...

21
Aug
Styx Stealer Creator’s OPSEC Fail Leaks Client List and Profit Details

In what’s a case of an operational security (OPSEC) lapse, the operator behind a new...

21
Aug