Recent Security News
-
A tale of 2 casino ransomware attacks: One paid out, one did not
December 28, 2023 at 12:13PM Two cybercrime attacks targeted high-profile Las Vegas casinos, resulting in ransomware infections and data theft. While one company, Caesar Entertainment, chose to pay the ransom and experienced minimal disruption, the other, MGM Resorts, opted not to pay and suffered extensive downtime and financial losses. The decision to pay or not…
-
Palo Alto Networks Completes Acquisition of Talon
December 28, 2023 at 12:12PM Palo Alto Networks has completed the acquisition of Israeli startup Talon Cyber Security, known for its secure browser technology. The deal valued at $625 million aims to integrate Talon’s technology into Palo Alto’s suite to enhance security for both managed and unmanaged devices. The move aligns with Palo Alto’s zero-trust…
-
Apache OFBiz RCE flaw exploited to find vulnerable Confluence servers
December 28, 2023 at 11:21AM Apache OFBiz, utilized for business operations, contains a critical pre-authentication remote code execution vulnerability, CVE-2023-49070, actively being exploited. A patch to resolve the issue was found incomplete, resulting in the discovered bypass flaw, CVE-2023-51467. The urgency for users to upgrade to version 18.12.11 is emphasized due to the risk of…
-
Kaspersky reveals previously unknown hardware ‘feature’ used in iPhone attacks
December 28, 2023 at 10:54AM Kaspersky’s GReAT team uncovered a hidden iPhone feature, exploited through CVE-2023-38606, allowing attackers to evade memory protection. The issue affected iPhones on iOS up to 16.6 and may have been for testing or debugging. The team’s thorough analysis revealed a sophisticated attack vector, demonstrating how even advanced hardware protection can…
-
In Cybersecurity and Fashion, What’s Old Is New Again
December 28, 2023 at 10:02AM DDoS attacks and zero-day threats continue to plague cybersecurity due to their effectiveness, with OpenAI attributing ChatGPT issues to a DDoS attack. The rise in IoT vulnerabilities and new network protocols contributes to the surge in attacks, prompting the need for robust anti-DDoS strategies, including scalable infrastructure, traffic monitoring, and…