cyber security news today

Microsoft Uncovers Critical Flaws in Rockwell Automation PanelView Plus

Jul 4, 2024 by iHash Leave a Comment

Jul 04, 2024NewsroomVulnerability / Critical Infrastructure Microsoft has revealed two security flaws in Rockwell Automation PanelView Plus that could be weaponized by remote, unauthenticated attackers to execute arbitrary code and trigger a denial-of-service (DoS) condition. "The [remote code execution] vulnerability in PanelView Plus involves two custom classes that can be … [Read more...] about Microsoft Uncovers Critical Flaws in Rockwell Automation PanelView Plus

The Emerging Role of AI in Open-Source Intelligence

Jul 3, 2024 by iHash Leave a Comment

Jul 03, 2024The Hacker NewsOSINT / Artificial Intelligence Recently the Office of the Director of National Intelligence (ODNI) unveiled a new strategy for open-source intelligence (OSINT) and referred to OSINT as the "INT of first resort". Public and private sector organizations are realizing the value that the discipline can provide but are also finding that the exponential … [Read more...] about The Emerging Role of AI in Open-Source Intelligence

How MFA Failures are Fueling a 500% Surge in Ransomware Losses

Jul 2, 2024 by iHash Leave a Comment

The cybersecurity threat landscape has witnessed a dramatic and alarming rise in the average ransomware payment, an increase exceeding 500%. Sophos, a global leader in cybersecurity, revealed in its annual "State of Ransomware 2024" report that the average ransom payment has increased 500% in the last year with organizations that paid a ransom reporting an average payment of $2 … [Read more...] about How MFA Failures are Fueling a 500% Surge in Ransomware Losses

Critical Flaws in CocoaPods Expose iOS and macOS Apps to Supply Chain Attacks

Jul 1, 2024 by iHash Leave a Comment

Jul 01, 2024NewsroomSupply Chain / Software Security A trio of security flaws has been uncovered in the CocoaPods dependency manager for Swift and Objective-C Cocoa projects that could be exploited to stage software supply chain attacks, putting downstream customers at severe risks. The vulnerabilities allow "any malicious actor to claim ownership over thousands of unclaimed … [Read more...] about Critical Flaws in CocoaPods Expose iOS and macOS Apps to Supply Chain Attacks

Google to Block Entrust Certificates in Chrome Starting November 2024

Jun 29, 2024 by iHash Leave a Comment

Jun 29, 2024NewsroomCybersecurity / Website Security Google has announced that it's going to start blocking websites that use certificates from Entrust starting around November 1, 2024, in its Chrome browser, citing compliance failures and the certificate authority's inability to address security issues in a timely manner. "Over the past several years, publicly disclosed … [Read more...] about Google to Block Entrust Certificates in Chrome Starting November 2024

Kimsuky Using TRANSLATEXT Chrome Extension to Steal Sensitive Data

Jun 28, 2024 by iHash Leave a Comment

Jun 28, 2024NewsroomCyber Espionage / Cyber Attack The North Korea-linked threat actor known as Kimsuky has been linked to the use of a new malicious Google Chrome extension that's designed to steal sensitive information as part of an ongoing intelligence collection effort. Zscaler ThreatLabz, which observed the activity in early March 2024, has codenamed the extension … [Read more...] about Kimsuky Using TRANSLATEXT Chrome Extension to Steal Sensitive Data

GitLab Releases Patch for Critical CI/CD Pipeline Vulnerability and 13 Others

Jun 28, 2024 by iHash Leave a Comment

Jun 28, 2024NewsroomSoftware Security / DevOps GitLab has released security updates to address 14 security flaws, including one critical vulnerability that could be exploited to run continuous integration and continuous deployment (CI/CD) pipelines as any user. The weaknesses, which affect GitLab Community Edition (CE) and Enterprise Edition (EE), have been addressed in … [Read more...] about GitLab Releases Patch for Critical CI/CD Pipeline Vulnerability and 13 Others

Rust-Based P2PInfect Botnet Evolves with Miner and Ransomware Payloads

Jun 27, 2024 by iHash Leave a Comment

The peer-to-peer malware botnet known as P2PInfect has been found targeting misconfigured Redis servers with ransomware and cryptocurrency miners. The development marks the threat's transition from what appeared to be a dormant botnet with unclear motives to a financially motivated operation. "With its latest updates to the crypto miner, ransomware payload, and rootkit … [Read more...] about Rust-Based P2PInfect Botnet Evolves with Miner and Ransomware Payloads

New MOVEit Transfer Vulnerability Under Active Exploitation

Jun 26, 2024 by iHash Leave a Comment

Jun 26, 2024NewsroomVulnerability / Data Protection A newly disclosed critical security flaw impacting Progress Software MOVEit Transfer is already seeing exploitation attempts in the wild shortly after details of the bug were publicly disclosed. The vulnerability, tracked as CVE-2024-5806 (CVSS score: 9.1), concerns an authentication bypass that impacts the following … [Read more...] about New MOVEit Transfer Vulnerability Under Active Exploitation

New Attack Technique Exploits Microsoft Management Console Files

Jun 25, 2024 by iHash Leave a Comment

Jun 25, 2024NewsroomVulnerability / Threat Detection Threat actors are exploiting a novel attack technique in the wild that leverages specially crafted management saved console (MSC) files to gain full code execution using Microsoft Management Console (MMC) and evade security defenses. Elastic Security Labs has codenamed the approach GrimResource after identifying an artifact … [Read more...] about New Attack Technique Exploits Microsoft Management Console Files

« Previous Page

JBL Flip 6 Portable Bluetooth Speaker (Open Box) for $74

Navee V25 300W Foldable e-Scooter for $299

Smart Tracker Includes Key Ring – Works with Apple Find My App (2-Pack) for $34

Harmony Premium Plan Lifetime Subscription for $99

Lenovo 11.6" 100e Chromebook 2nd Gen (2019) MediaTek MT8173C 4GB RAM 16GB eMMC (Refurbished) for $54