May 10, 2024 at 09:36AM Artificial intelligence (AI) is revolutionizing cybersecurity by outsmarting advanced cyber threats. “The Future of Threat Hunting is Powered by Generative AI” webinar, led by Censys Security Researcher Aidan Holland, will showcase CensysGPT – a cutting-edge tool enabling quicker threat detection, simplified competitor searches, and actionable insights from network data. Attend … Read more
May 10, 2024 at 07:00AM Google released security updates to fix a zero-day flaw (CVE-2024-4671) in Chrome actively exploited in the wild. The vulnerability involves use-after-free in the Visuals component, reported by an anonymous researcher on May 7, 2024. This is the second zero-day addressed by Google in 2024. Users are advised to upgrade their … Read more
May 10, 2024 at 07:00AM Malicious Android apps posing as popular services like Google, Instagram, and WhatsApp are stealing user credentials. These apps gain control over devices, allowing for unauthorized actions like data theft and malware deployment. Social engineering campaigns and phishing URLs are also being used to propagate Android malware, leading to increased attacks … Read more
May 9, 2024 at 06:18PM Monday.com, a widely used project management platform, has removed its “Share Update” feature due to abuse by threat actors in phishing attacks. Customers received phishing emails purportedly from Monday.com’s email accounts, prompting concerns of a security breach. The company confirmed that the feature was misused, leading to its suspension, and … Read more
May 9, 2024 at 05:07PM Mick Baccio, global security advisor at Splunk, discusses the evolution of election security threats in the lead-up to the 2024 US elections. He highlights the increased division and influence operations, as well as the potential impact of AI. Baccio also emphasizes the financial vulnerability of election campaigns to cybercriminals. Watch … Read more
May 9, 2024 at 03:42PM Accenture Federal Services, a subsidiary of Accenture, secures a $789 million contract from the U.S. Navy for cybersecurity enhancement in maritime forces worldwide. The SHARKCAGE initiative aims to create a unified security perimeter, with Accenture working closely with the Navy’s cybersecurity teams. The partnership covers ashore and afloat systems, integrating … Read more
May 9, 2024 at 02:07PM Dell confirmed a data breach on one of its portals, with information stolen from 49 million records now for sale on the dark web. The stolen data includes customer names, addresses, and Dell equipment details, but not payment info. Dell is undertaking an investigation and taking steps to protect customer … Read more
May 9, 2024 at 01:52PM Former NSA cyber boss Rob Joyce described digital intrusions into US water systems by China, Russia, and Iran as a “wake-up call.” Despite minimal impact, the attacks highlight the potential dangers of global tensions and the involvement of hacktivists linked to government intelligence services. The vulnerabilities in critical infrastructure underscore … Read more
May 9, 2024 at 07:49AM Two security flaws in Ivanti Connect Secure devices are exploited by the Mirai botnet, as per Juniper Threat Labs. Vulnerabilities CVE-2023-46805 and CVE-2024-21887 allow attackers to execute arbitrary code and deploy malware on susceptible instances. This comes as SonicWall reports a fake Windows File Explorer executable installing a cryptocurrency miner. … Read more
May 8, 2024 at 10:01AM A new VPN bypass technique, TunnelVision, manipulates DHCP route tables to force traffic off the VPN tunnel, allowing threat actors to snoop on and manipulate network traffic. Exploiting a DHCP design flaw, it does not depend on compromising the DHCP server. Leviathan Security Group recommends mitigation strategies to VPN providers … Read more