China Caught Dropping RAT Designed for FortiGate Devices

Dutch military intelligence warns that new malware, called “Coathanger,” was found in multiple FortiGate devices during an incident response, and that Chinese-state actors are using the persistent RAT for espionage.

darkreading – ​Read More

Cisco Patches Critical Vulnerabilities in Enterprise Communication Devices

Two critical vulnerabilities in Cisco Expressway series devices can be exploited in CSRF attacks without authentication.

The post Cisco Patches Critical Vulnerabilities in Enterprise Communication Devices appeared first on SecurityWeek.

SecurityWeek – ​Read More

IoT Networks Face Advancing Adversaries, Bug Barrage

Cyberattacks on critical infrastructure targeting IoT and OS networks are increasing in sophistication, while ICS vulnerabilities surge, new data shows.

darkreading – ​Read More

Google Announces Enhanced Fraud Protection for Android

Google Play Protect will block the installation of sideloaded applications requesting permissions frequently abused by fraudsters.

The post Google Announces Enhanced Fraud Protection for Android appeared first on SecurityWeek.

SecurityWeek – ​Read More

I Stopped Using Passwords. It’s Great—and a Total Mess

Passkeys are here to replace passwords. When they work, it’s a seamless vision of the future. But don’t ditch your old logins just yet.

Security Latest – ​Read More

How to Predict Your Patching Priorities

Implementing a smart and timely approach to patching remains one of the primary ways for organizations to protect their networks from attackers.

The post How to Predict Your Patching Priorities appeared first on SecurityWeek.

SecurityWeek – ​Read More

3 Million Toothbrushes Abused for DDoS Attack: Real or Not?

Three million electric toothbrushes were reportedly used for disruptive DDoS attacks, but cybersecurity experts questioned the claims.

The post 3 Million Toothbrushes Abused for DDoS Attack: Real or Not? appeared first on SecurityWeek.

SecurityWeek – ​Read More

Google Fixed an Android Critical Remote Code Execution Flaw

Google has released the February 2024 security patches for Android to fix 46 vulnerabilities, including a critical remote code execution flaw (CVE-2024-0031) in the System component.

Cyware News – Latest Cyber News – ​Read More

Critical Patches Released for New Flaws in Cisco, Fortinet, VMware Products

Cisco, Fortinet, and VMware have released security fixes for multiple security vulnerabilities, including critical weaknesses that could be exploited to perform arbitrary actions on affected devices.
The first set from Cisco consists of three flaws – CVE-2024-20252 and CVE-2024-20254 (CVSS score: 9.6) and CVE-2024-20255 (CVSS score: 8.2) – impacting Cisco Expressway Series that could allow an

The Hacker News – ​Read More

Biden Administration Names a Director of the New AI Safety Institute

The Biden administration named Elizabeth Kelly as the director of the newly established safety institute for artificial intelligence.

The post Biden Administration Names a Director of the New AI Safety Institute appeared first on SecurityWeek.

SecurityWeek – ​Read More