Norton Introduces Small Business Premium for Business-Grade Security

November 21, 2024 at 05:36PM Norton has launched Norton Small Business Premium, a comprehensive cybersecurity solution for small businesses. This service includes 24/7 tech support, financial and social media monitoring, device security, and a secure VPN. Priced from $299.99/year, it aims to simplify cybersecurity for entrepreneurs without requiring extensive IT knowledge. **Meeting Takeaways:** 1. **Product … Read more

Botnet exploits GeoVision zero-day to install Mirai malware

November 15, 2024 at 02:40PM A malware botnet is exploiting a critical zero-day vulnerability (CVE-2024-11120) in unsupported GeoVision devices for potential DDoS and cryptomining attacks. Approximately 17,000 devices are at risk, primarily in the U.S. Signs of compromise include overheating and slow performance. Replacement with supported models is advised. **Meeting Takeaways:** 1. **Vulnerability Overview**: – … Read more

New iOS Security Feature Reboots Devices to Protect User Data: Reports

November 12, 2024 at 05:07AM The latest iOS release includes a security feature that reboots locked devices that remain unlocked for extended periods, enhancing user data protection. Here are the key takeaways from the meeting notes: – A new feature in the latest iOS release is designed to enhance security. – This feature automatically reboots … Read more

Despite Emerging Regulations, Mobile Device, IoT Security Requires More Industry Attention

November 6, 2024 at 02:43PM Internet-connected devices are integral to daily life but pose significant cybersecurity risks. Consumers must remain vigilant against insecure devices and scams, particularly in light of recent regulatory advancements like the EU’s Cyber Resilience Act. Manufacturers need to adapt to evolving security requirements and enhance communication between product and cybersecurity teams. … Read more

Hackers exploit 52 zero-days on the first day of Pwn2Own Ireland

October 23, 2024 at 10:03AM On the first day of Pwn2Own Ireland, participants showcased 52 zero-day vulnerabilities, earning $486,250 in prizes. Viettel Cyber Security led with 13 points, while notable exploits included a $100,000 success by Summoning Team. The event featured various challenges, with three days remaining for competitors to exploit patched SOHO devices. ### … Read more

700K+ DrayTek routers are sitting ducks on the internet, open to remote hijacking

October 2, 2024 at 05:38PM Multiple critical vulnerabilities in DrayTek routers, including a perfect 10 out of 10 CVSS severity rating, pose security risks for over 785,000 devices. Attackers could exploit these flaws to gain control, steal data, deploy ransomware, and launch denial-of-service attacks. It’s imperative for users to apply patches, employ best practices, and … Read more

Say Goodbye to Phishing: Must-Haves to Eliminate Credential Theft

September 13, 2024 at 08:15AM Despite increasing cyber threats, phished credentials remain the primary access vector for unauthorized entry, constituting over 80% of corporate risk. Traditional defenses are inadequate, prompting Beyond Identity to provide deterministic defenses by eliminating phishing, password usage, and push bombing attacks. Their platform authenticator also integrates diverse risk signals for adaptive … Read more

Google Confirms CVE-2024-32896 Exploited in the Wild, Releases Android Security Patch

September 4, 2024 at 10:12AM Google has released its monthly security updates for the Android operating system to address a high-severity vulnerability (CVE-2024-32896) related to privilege escalation in the Android Framework component. The vulnerability has been actively exploited and impacts the entire Android ecosystem. Users are advised to update their devices to protect against potential … Read more

Hacker wipes 13,000 devices after breaching classroom management platform

August 6, 2024 at 10:19AM A hacker has breached Mobile Guardian, a global digital classroom management platform, and remotely wiped data from over 13,000 students’ iPads and Chromebooks. Based on the meeting notes, it’s clear that there has been a security breach at Mobile Guardian, resulting in the remote wiping of data from thousands of … Read more

CISA, FBI Urge Immediate Action on OS Command Injection Vulnerabilities in Network Devices

July 11, 2024 at 07:42AM CISA and the FBI are calling for immediate action to address OS command injection vulnerabilities in network devices following recent intrusions. The agencies emphasize the need for businesses and device manufacturers to eliminate these vulnerabilities at the source. (46 words) Based on the meeting notes, the key takeaway is that … Read more