Recent Security News
-
Android’s March 2024 Update Patches Critical Vulnerabilities
March 6, 2024 at 08:31AM Google released security updates for Android, addressing 38 vulnerabilities including 2 critical flaws in the System component impacting Android 12, 12L, 13, and 14. The flaws could result in remote code execution and elevation of privilege. Devices can be protected by installing the March 2024 security update. Other components like…
-
Southern Company Builds SBOM for Electric Power Substation
March 6, 2024 at 08:03AM Southern Company undertook a project to create a software bill of materials (SBOM) for its Mississippi substation, involving inventorying hardware, software, and firmware, and gathering supply-chain information from 17 vendors. The process included challenges such as limited vendor cooperation and outdated SBOMs upon receipt. The project highlighted the importance of…
-
Capita says 2023 cyberattack costs a factor as it reports staggering £100M+ loss
March 6, 2024 at 07:39AM Capita reported a net loss of £106.6 million in 2023 due to a cyberattack by the Black Basta ransomware group, which incurred costs exceeding initial estimates. This resulted in a 20% drop in market capitalization. The new CEO plans further cost cuts to save £100 million by mid-2025. Capita continues…
-
Hackers target Docker, Hadoop, Redis, Confluence with new Golang malware
March 6, 2024 at 07:15AM Hackers are using new Golang-based malware to target misconfigured servers running Apache Hadoop YARN, Docker, Confluence, or Redis. The campaign exploits configuration weaknesses and an old vulnerability in Atlassian Confluence. Researchers at Cado Security identified the attack, which involves novel Golang payloads and common Linux attack techniques to install a…