Recent Security News
-
Critical Vulnerabilities Expose Veeam ONE Software to Code Execution
November 7, 2023 at 11:42AM Veeam Software has released patches for four severe security vulnerabilities in its Veeam ONE product. The vulnerabilities could lead to remote code execution attacks and password acquisition. Administrators are urged to promptly download and install the patches. There is no evidence of the vulnerabilities being exploited, but attackers have previously…
-
Data Brokers Expose Sensitive US Military Member Info to Foreign Threat Actors: Study
November 7, 2023 at 11:42AM A new study from Duke University reveals that foreign threat actors can easily access sensitive information on US military members through data brokers. These brokers collect and sell a wide range of information, including personal details, financial data, and health information. The study found that it is inexpensive and straightforward…
-
Microsoft Authenticator now blocks suspicious MFA alerts by default
November 7, 2023 at 10:43AM Microsoft has introduced a new feature in the Authenticator app to block suspicious notifications during login. Hackers often exploit push notifications to gain access to accounts, so Microsoft now scrutinizes login attempts for unfamiliar locations or anomalous activity. Instead of showing the suspicious notification, users are prompted to open the…
-
OpenAI confirms it’s not killing off ChatGPT plugins for now
November 7, 2023 at 10:14AM OpenAI has introduced GPTs, which are customized versions of ChatGPT designed to cater to individual users for various purposes. These user-friendly GPTs can be used for education, creativity, or assistance without requiring programming skills. OpenAI is also focusing on extending GPTs’ capabilities through custom actions and API integration, potentially replacing…
-
Identity Alone Won’t Save Us: The TSA Paradigm and MGM’s Hack
November 7, 2023 at 10:04AM The recent cyberattack on MGM Resorts resulted in widespread outages and the compromise of various systems, such as slot machines and payment systems. The attack highlighted the importance of properly managing access and authentication controls. Simply adding more identity products is not the solution. Instead, organizations should focus on authentication,…