SecurityWeek
Ivanti Patches 27 Vulnerabilities in Avalanche MDM Product
Ivanti releases patches for 27 vulnerabilities in the Avalanche MDM product, including critical flaws leading to command execution.
The post Ivanti Patches 27 Vulnerabilities in Avalanche MDM Product appeared first on SecurityWeek.
Chrome 124, Firefox 125 Patch High-Severity Vulnerabilities
Chrome and Firefox security updates resolve over 35 vulnerabilities, including a dozen high-severity bugs.
The post Chrome 124, Firefox 125 Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
Recent OT and Espionage Attacks Linked to Russia’s Sandworm, Now Named APT44
Mandiant summarizes some of the latest operations of Russia’s notorious Sandworm group, which it now tracks as APT44.
The post Recent OT and Espionage Attacks Linked to Russia’s Sandworm, Now Named APT44 appeared first on SecurityWeek.
Oracle Patches 230 Vulnerabilities With April 2024 CPU
Oracle releases 441 new security patches to address 230 vulnerabilities as part of its April 2024 Critical Patch Update.
The post Oracle Patches 230 Vulnerabilities With April 2024 CPU appeared first on SecurityWeek.
Exploitation of Palo Alto Firewall Vulnerability Picking Up After PoC Release
Palo Alto Networks firewall vulnerability CVE-2024-3400 increasingly exploited after PoC code has been released.
The post Exploitation of Palo Alto Firewall Vulnerability Picking Up After PoC Release appeared first on SecurityWeek.
Virtual Event Tomorrow: Ransomware Resilience & Recovery Summit
Join this one-day virtual summit as we shine the spotlight on the shadowy dynamics of ransomware attacks and how you can best prepare your organization to defend against and recover from these relentless attacks.
The post Virtual Event Tomorrow: Ransomware Resilience & Recovery Summit appeared first on SecurityWeek.
Critical PuTTY Vulnerability Allows Secret Key Recovery
PuTTY vulnerability CVE-2024-31497 allows attackers to compromise private keys and use them to forge signatures.
The post Critical PuTTY Vulnerability Allows Secret Key Recovery appeared first on SecurityWeek.
Cryptojacker Arrested, Charged for Defrauding Cloud Providers of $3.5 Million
Charles O. Parks III was arrested and charged with defrauding two cloud-services providers of $3.5 million.
The post Cryptojacker Arrested, Charged for Defrauding Cloud Providers of $3.5 Million appeared first on SecurityWeek.
Cloud Users Warned of Data Exposure Risk From Command-Line Tools
Cloud security specialists found data exposure risk associated with Azure, AWS, and Google Cloud command-line tools.
The post Cloud Users Warned of Data Exposure Risk From Command-Line Tools appeared first on SecurityWeek.
Hacker Conversations: Kevin O’Connor, From Childhood Hacker to NSA Operative
Kevin O’Connor knew he was a hacker by the time he was in Middle School. He went on to work for the NSA and is now director of threat research at Adlumin.
The post Hacker Conversations: Kevin O’Connor, From Childhood Hacker to NSA Operative appeared first on SecurityWeek.
Ransomware Group Starts Leaking Data Allegedly Stolen From Change Healthcare
The RansomHub group has started leaking information allegedly stolen from Change Healthcare in February 2024.
The post Ransomware Group Starts Leaking Data Allegedly Stolen From Change Healthcare appeared first on SecurityWeek.
You Against the World: The Offenders Dilemma
Foreign attackers have many more toolsets at their disposal, so we need to make sure we’re selective about our modeling, preparation and how we assess and fortify ourselves.
The post You Against the World: The Offenders Dilemma appeared first on SecurityWeek.
Omni Hotels Says Personal Information Stolen in Ransomware Attack
Omni Hotels says customer information was compromised in a cyberattack claimed by the Daixin Team ransomware group.
The post Omni Hotels Says Personal Information Stolen in Ransomware Attack appeared first on SecurityWeek.
Delinea Scrambles to Patch Critical Flaw After Failed Responsible Disclosure Attempt
PAM company Delinea over the weekend rushed to patch a critical authentication bypass vulnerability after it apparently ignored the researcher who found the flaw.
The post Delinea Scrambles to Patch Critical Flaw After Failed Responsible Disclosure Attempt appeared first on SecurityWeek.
Cisco Duo Says Hack at Telephony Supplier Exposed MFA SMS Logs
Cisco Duo warns that breach exposed phone numbers, phone carriers, metadata and other logs that could lead to downstream social engineering attacks.
The post Cisco Duo Says Hack at Telephony Supplier Exposed MFA SMS Logs appeared first on SecurityWeek.
NightVision Raises $5.4 Million for Application Security Testing
NightVision, an early stage startup in the application security testing space, has raised $5.4 million in seed funding.
The post NightVision Raises $5.4 Million for Application Security Testing appeared first on SecurityWeek.
Ransomware Group Claims Theft of Data From Chipmaker Nexperia
The Dark Angels (Dunghill) ransomware group claims to have stolen 1 Tb of data from Nexperia, which is investigating the incident.
The post Ransomware Group Claims Theft of Data From Chipmaker Nexperia appeared first on SecurityWeek.
Juniper Networks Publishes Dozens of New Security Advisories
Juniper Networks patches dozens of vulnerabilities in Junos OS, Junos OS Evolved, and other products.
The post Juniper Networks Publishes Dozens of New Security Advisories appeared first on SecurityWeek.
Destructive ICS Malware ‘Fuxnet’ Used by Ukraine Against Russian Infrastructure
ICS malware Fuxnet allegedly used by Ukrainian Blackjack group to disrupt industrial sensors and other systems belonging to a Moscow infrastructure firm.
The post Destructive ICS Malware ‘Fuxnet’ Used by Ukraine Against Russian Infrastructure appeared first on SecurityWeek.
Two People Arrested in Australia and US for Development and Sale of Hive RAT
Authorities in Australia and the US have arrested and charged two individuals for developing and selling the Hive RAT.
The post Two People Arrested in Australia and US for Development and Sale of Hive RAT appeared first on SecurityWeek.