Recent Security News
-
Critical Fortinet flaw may impact 150,000 exposed devices
March 8, 2024 at 03:42PM Around 150,000 Fortinet FortiOS and FortiProxy systems worldwide are vulnerable to CVE-2024-21762, enabling code execution without authentication. The Cyber Defense Agency confirmed active exploitation of the flaw, with the majority of vulnerable devices in the United States. Fortunately, a simple Python script is available to check for vulnerability. It looks…
-
South Korean Police Deploy Deepfake Detection Tool in Run-up to Elections
March 8, 2024 at 03:39PM South Korea’s National Police Agency (KNPA) has developed a tool to detect AI-generated deepfake content, trained on data from 5,400 citizens. The program accurately determines a video’s authenticity in 5-10 minutes, yielding an 80% accuracy rate. While it aids criminal investigations, it won’t be used as direct evidence in trials.…
-
QNAP warns of critical auth bypass flaw in its NAS devices
March 8, 2024 at 03:07PM QNAP has warned of vulnerabilities in its NAS software, including QTS, QuTS hero, QuTScloud, and myQNAPcloud, which could grant unauthorized access to devices. The flaws include an authentication bypass, command injection, and SQL injection, affecting various operating systems. Users are advised to upgrade to specific versions to address the vulnerabilities…
-
Microsoft Says Russian Gov Hackers Stole Source Code After Spying on Executive Emails
March 8, 2024 at 02:33PM Russian government-backed hackers breached Microsoft corporate network, stole source code, and are still attempting unauthorized access using exfiltrated email information. No evidence of customer-facing system compromise. Group may be targeting shared secrets. Increased attack volume noted. Hacking group was previously caught spying on executives and involved in SolarWinds supply chain…
-
UnitedHealth brings some Change Healthcare pharmacy services back online
March 8, 2024 at 12:57PM Change Healthcare, a subsidiary of United Health Group, is recovering from a BlackCat ransomware attack causing widespread disruptions to the US healthcare system. Electronic prescription systems are now back online, and payment transmission is available. However, the system’s full restoration is still in progress, with an interim solution managing 90%…