Threats & Malware, Vulnerabilities
April 12, 2024
Security WeekTracked as CVE-2024-3400 and assigned a severity score of 10 out of 10, the security defect was identified in the GlobalProtect feature of PAN-OS, the operating system running on Palo Alto Networks appliances. “A command injection vulnerability in the GlobalProtect […]
April 11, 2024
TechRadarPasswords serve as the first line of defense against data breaches, yet individuals often exhibit poor habits when it comes to selecting or updating their passwords regularly. Despite widespread requirements for secure passwords across applications and websites, research indicates that […]
Threats & Malware, Vulnerabilities
April 11, 2024
Security AffairsMicrosoft Patches Tuesday security updates for April 2024 addressed 147 vulnerabilities in multiple products. This is the highest number of fixed issues from Microsoft this year and the largest since at least 2017. The issues impact Microsoft Windows and Windows […]
April 10, 2024
Panda SecurityRewards For Justice (RFJ), a U.S. government interagency rewards program. Offers up to $10 million reward for any information that could lead to the identification or location of any person from the ALPHV cyber gang, also known as BlackCat, who […]
Threats & Malware, Vulnerabilities
April 9, 2024
TechRadarBack in January, we reported on a small security update patch for Windows 10 that brought on a lot of headaches for IT admins and brought on a veritable cavalcade of error codes. Microsoft promised a fix was in the […]
Threats & Malware, Vulnerabilities
April 9, 2024
Security AffairsBitdefender researchers discovered multiple vulnerabilities in LG webOS running on smart TVs that could be exploited to bypass authorization and gain root access on the devices. The vulnerabilities discovered by the researchers impact WebOS versions 4 through 7 running on […]
April 8, 2024
The RegisterHome Depot has confirmed that a third-party company accidentally exposed some of its employees’ personal details after a criminal copy-pasted the data online. In a statement to The Register, Home Depot spokesperson Beth Marlowe said: “A third-party SaaS vendor inadvertently […]
Threats & Malware, Vulnerabilities
April 8, 2024
TechRadarMultiple generative AI models uploaded to Hugging Face were found to be vulnerable in a way that allowed threat actors to run malicious code and extract sensitive user information. This is according to a new report from the cloud security […]
April 8, 2024
Dark ReadingThe sophisticated threat group behind a complex JavaScript remote access Trojan (RAT) known as JSOutProx has released a new version of the malware to target organizations in the Middle East. Cybersecurity services firm Resecurity analyzed technical details of multiple incidents […]
April 5, 2024
Security AffairsA cyberattack hit Omni Hotels & Resorts disrupting its services and forcing the company to shut down its systems. The hotel chain did not share details about the attack, however, the effects reported in the notice suggest that the company […]
April 4, 2024
The RegisterLeicester City Council is finally admitting its “cyber incident” was carried out by a ransomware gang and that data was stolen, hours after the criminals forced its hand. The attack began nearly a month ago on March 7 and since […]
April 4, 2024
Security AffairsCity of Hope is a renowned cancer research and treatment center located in Duarte, California, United States. It is recognized for its comprehensive cancer care, innovative research, and compassionate patient support services. City of Hope suffered a data breach, the […]
April 3, 2024
Naked SecurityTo deploy a ransomware attack, adversaries must first gain access to a victim’s corporate environment, devices, and data. Threat actors typically use two main approaches to gain entry: logging in using compromised credentials, i.e., legitimate access data that had previously […]
Mobile, Mobile security, Threats & Malware, Vulnerabilities
April 3, 2024
Security WeekThe exploited flaws, tracked as CVE-2024-29745 and CVE-2024-29748, impact Pixel’s bootloader and firmware, Google notes in its advisory. The internet giant says it has indications that these two security defects “may be under limited, targeted exploitation,” without providing specific details […]
April 2, 2024
The Hacker NewsThe threat actor known as TA558 has been attributed to a new massive phishing campaign that targets a wide range of sectors in Latin America with the goal of deploying Venom RAT. The attacks primarily singled out hotel, travel, trading, […]
April 2, 2024
The RegisterThe FCC appears to finally be stepping up efforts to secure decades-old flaws in American telephone networks that are allegedly being used by foreign governments and surveillance outfits to remotely spy on and monitor wireless devices. At issue are the […]
Threats & Malware, Virus & Malware
April 1, 2024
The Hacker NewsDespite a plethora of available security solutions, more and more organizations fall victim to Ransomware and other threats. These continued threats aren’t just an inconvenience that hurt businesses and end users – they damage the economy, endanger lives, destroy businesses […]
Threats & Malware, Virus & Malware
April 1, 2024
Security AffairsJamf Threat Labs researchers analyzed info stealer malware attacks targeting macOS users via malicious ads and rogue websites. One of the attacks spotted by the researchers relied on sponsored ads proposed to the users while searching for “Arc Browser” on […]
Mobile, Mobile security, Threats & Malware, Virus & Malware
April 1, 2024
The Hacker NewsThe Android banking trojan known as Vultur has resurfaced with a suite of new features and improved anti-analysis and detection evasion techniques, enabling its operators to remotely interact with a mobile device and harvest sensitive data. “Vultur has also started […]
March 29, 2024
Security WeekIdentified on April 17, the attack impacted systems associated with Point32Health’s Harvard Pilgrim Health Care brand, including systems serving Harvard Pilgrim Health Care Commercial and Medicare Advantage Stride plans and “used to service members, accounts, brokers, and providers”. “The investigation […]