Recent Security News
-
Accenture and SandboxAQ Collaborate to Help Organizations Protect Data
January 16, 2024 at 05:44PM Accenture and SandboxAQ are partnering to offer AI and quantum computing solutions for cybersecurity vulnerabilities. The collaboration aims to help organizations identify and mitigate threats posed by AI-enabled cyberattacks and quantum computing-based decryption. Accenture will leverage SandboxAQ’s Security Suite to provide comprehensive AI-enabled cryptographic management. The partnership will also develop…
-
GitHub rotates keys to mitigate impact of credential-exposing flaw
January 16, 2024 at 05:23PM GitHub resolved vulnerabilities enabling attackers to access credentials in production containers by patching CVE-2024-0200. The update applies to GitHub Enterprise Server versions 3.8.13, 3.9.8, 3.10.5, and 3.11.3. While potential exploitation requires an organization owner role, GitHub rotated exposed credentials and urges swift security update installation. Additionally, a command injection vulnerability…
-
MacOS info-stealers quickly evolve to evade XProtect detection
January 16, 2024 at 04:34PM The macOS platform faces persistent challenges with information stealers evading detection, as highlighted in a report by SentinelOne that presents three malware examples circumventing XProtect. KeySteal, Atomic Stealer, and CherryPie showcase the ability of malware to evolve and avoid detection, emphasizing the need for advanced security measures beyond static detection.…
-
Ivanti Zero-Day Exploits Skyrocket Worldwide; No Patches Yet
January 16, 2024 at 04:34PM Ivanti VPNs globally compromised due to two unpatched zero-day vulnerabilities, allowing attackers to gain network access. Thousands infected, primarily by group UTA0178, with no available patches until Jan. 22 and Feb. 19. Ivanti released a mitigation and Integrity Checker Tool for existing compromises. Customers advised to follow incident response playbook…
-
Google Warns of Chrome Browser Zero-Day Being Exploited
January 16, 2024 at 04:24PM Google has released an urgent Chrome browser update to address three high-severity security flaws, warning that one is currently being exploited in the wild. The exploited zero-day, CVE-2024-0519, is an out-of-bounds memory access issue in the V8 JavaScript engine. The update also covers two additional high-risk memory safety issues. This…