The use of biometrics is increasingly common for authentication, and organizations must make sure their data security solutions protect what may be a new goldmine for hackers.
darkreading – Read More
The shutdown may indicate an exit scam, with the affiliate claiming they still have critical data from Optum and other providers, while ALPHV/BlackCat has shut down its negotiation sites and messaging platform.
Cyware News – Latest Cyber News – Read More
American Express says names, card account numbers, and card expiration dates were compromised in a data breach.
The post American Express Discloses Data Breach appeared first on SecurityWeek.
SecurityWeek – Read More
A critical authentication bypass in TeamCity allows remote attackers to take full control of vulnerable servers.
The post Critical Vulnerability Exposes TeamCity Servers to Takeover appeared first on SecurityWeek.
SecurityWeek – Read More
Researchers from Israel Institute of Technology, Intuit and Cornell Tech have developed a computer worm called “Morris II” that targets generative AI (GenAI) applications to spread malware and steal personal data.
Cyware News – Latest Cyber News – Read More
The OpenSSF has implemented various initiatives to improve open-source software security, including the creation of a Malicious Packages repository and partnering with CISA to develop a security maturity framework for package repositories.
Cyware News – Latest Cyber News – Read More
GitHub has implemented push protection as a default security feature for all public repositories to prevent accidental leaks of sensitive information such as API keys and tokens.
Cyware News – Latest Cyber News – Read More
The JetBrains TeamCity On-Premises CI/CD solution has been found to have two critical vulnerabilities (CVE-2024-27198 and CVE-2024-27199) that can allow remote attackers to take control of the server and modify system settings without authentication.
Cyware News – Latest Cyber News – Read More