Recent Security News
-
MacOS info-stealers quickly evolve to evade XProtect detection
January 16, 2024 at 04:34PM The macOS platform faces persistent challenges with information stealers evading detection, as highlighted in a report by SentinelOne that presents three malware examples circumventing XProtect. KeySteal, Atomic Stealer, and CherryPie showcase the ability of malware to evolve and avoid detection, emphasizing the need for advanced security measures beyond static detection.…
-
Ivanti Zero-Day Exploits Skyrocket Worldwide; No Patches Yet
January 16, 2024 at 04:34PM Ivanti VPNs globally compromised due to two unpatched zero-day vulnerabilities, allowing attackers to gain network access. Thousands infected, primarily by group UTA0178, with no available patches until Jan. 22 and Feb. 19. Ivanti released a mitigation and Integrity Checker Tool for existing compromises. Customers advised to follow incident response playbook…
-
Google Warns of Chrome Browser Zero-Day Being Exploited
January 16, 2024 at 04:24PM Google has released an urgent Chrome browser update to address three high-severity security flaws, warning that one is currently being exploited in the wild. The exploited zero-day, CVE-2024-0519, is an out-of-bounds memory access issue in the V8 JavaScript engine. The update also covers two additional high-risk memory safety issues. This…
-
Citrix warns of new Netscaler zero-days exploited in attacks
January 16, 2024 at 03:33PM Citrix has warned customers to immediately patch their vulnerable Netscaler ADC and Gateway appliances against actively exploited zero-day vulnerabilities (CVE-2023-6548 and CVE-2023-6549). The company advises blocking network traffic to affected instances if updates cannot be deployed immediately, and separating the management interface from internet exposure to reduce the risk of…
-
Locking down the edge
January 16, 2024 at 03:22PM As operational functions move to distributed sites and devices, edge security becomes a growing concern. Hosting data at edge locations presents increased vulnerabilities, especially in sectors like healthcare and manufacturing. Edge breaches can have severe consequences and require high-level cybersecurity protection. Dell Technologies’ webinar discusses these challenges and proposes a…