Recent Security News

  • GitLab warns of critical arbitrary branch pipeline execution flaw

    October 10, 2024 at 11:19AM GitLab has issued security updates for vulnerabilities in Community and Enterprise Editions, notably a critical flaw (CVE-2024-9164) that allows unauthorized pipeline execution. Patches are available in versions 17.4.2, 17.3.5, and 17.2.9. Users are urged to upgrade promptly; dedicated customers need not take action. **Meeting Takeaways:** 1. **Security Update Release**: GitLab…

    Read More

  • Secure your AI initiatives

    October 10, 2024 at 10:22AM Join Anna McAbee, Senior Solutions Architect at AWS, on October 29 for a webinar on security strategies for generative AI. Learn how to adapt access and data privacy policies, leverage AWS tools, and ensure resilience and compliance while implementing AI initiatives. Secure your spot for valuable insights. ### Meeting Takeaways…

    Read More

  • Fore-get about privacy, golf tech biz leaves 32M data records on the fairway

    October 10, 2024 at 10:22AM A researcher discovered nearly 32 million records from Trackman users exposed in an unsecured database, risking data breaches and cyberattacks. Trackman, used by pro golfers and leagues, quickly secured the database but failed to notify affected users of the exposure. Sensitive information could facilitate phishing and other cybercrimes. ### Meeting…

    Read More

  • CISA adds fresh Ivanti vuln, critical Fortinet bug to hall of shame

    October 10, 2024 at 09:39AM The US CISA has added vulnerabilities in Fortinet and Ivanti products to its Known Exploited Vulnerabilities catalog. Fortinet’s critical CVE-2024-23113 affects multiple products, allowing remote code execution. Ivanti faces issues with CVE-2024-9379 and CVE-2024-9380 related to its Cloud Services Application, prompting security recommendations for users. ### Meeting Takeaways **1. Fortinet…

    Read More

  • OpenAI Blocks 20 Global Malicious Campaigns Using AI for Cybercrime and Disinformation

    October 10, 2024 at 09:33AM OpenAI reported disrupting over 20 malicious operations this year, targeting deceptive use of its platform, including malware and social media manipulation. Notably, cyber operations involved groups from China and Iran attempting to exploit AI for harmful activities, while emphasizing that significant breakthroughs in malware development were not evident. ### Meeting…

    Read More