The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added eight new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including three flaws impacting Cisco Catalyst SD-WAN Manager, citing evidence of active exploitation.
The list of vulnerabilities is as follows –
CVE-2023-27351 (CVSS score: 8.2) – An improper authentication vulnerability in PaperCut
The Hacker News – Read More
Stolen OAuth tokens, which are at the root of these breaches, “are the new attack surface, the new lateral movement,” a researcher noted.
darkreading – Read More
Vercel confirms a breach linked to Context.ai as a hacker lists alleged data for $2M. ShinyHunters denies involvement and flags imposters.
Hackread – Cybersecurity News, Data Breaches, AI and More – Read More
VP.NET makes VPN privacy verifiable, not just policy-based, with secure enclave tech for up to five devices.
The post This VPN Lets You Verify Your Business Privacy For $130 appeared first on TechRepublic.
Security Archives – TechRepublic – Read More
The new protocol was built for ‘better security and barrier-breaking speeds.’ I tested whether it can compete with WireGuard during its early phase.
Latest news – Read More
The OT devices that translate machine talk into Internet-speak are riddled with vulnerabilities and more frequently targeted for attacks, researchers say.
darkreading – Read More
The latest ‘Take A Message’ feature is another useful tool for managing incoming calls when your phone is out of reach.
Latest news – Read More
Although the team with Microsoft moved swiftly to patch the BlueHammer vulnerability, other exploits still threaten Microsoft Defender and Windows users.
The post Microsoft Defender Flaws Exploited on Windows, Two Left Unpatched appeared first on TechRepublic.
Security Archives – TechRepublic – Read More
Four Android banking malware campaigns are targeting more than 800 apps by abusing overlays, Accessibility permissions, and sideloaded fake apps to steal PINs.
The post Over 800 Android Apps Targeted in PIN-Stealing Trojan Campaign appeared first on TechRepublic.
Security Archives – TechRepublic – Read More
A theft of nearly $300 million worth of cryptocurrency has been attributed to hackers from North Korea, as the industry grapples with the fallout of a wide-ranging incident involving multiple prominent platforms.
The Record from Recorded Future News – Read More