Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation

/in

Cybersecurity researchers have disclosed three security flaws in Planet Technology’s WGS-804HPT industrial switches that could be chained to achieve pre-authentication remote code execution on susceptible devices.
“These switches are widely used in building and home automation systems for a variety of networking applications,” Claroty’s Tomer Goldschmidt said in a Thursday report. “An attacker

The Hacker News – ​Read More

Python-Based Bots Exploiting PHP Servers Fuel Gambling Platform Proliferation

/in

Cybersecurity researchers have exposed a new campaign that targets web servers running PHP-based applications to promote gambling platforms in Indonesia.
“Over the past two months, a significant volume of attacks from Python-based bots has been observed, suggesting a coordinated effort to exploit thousands of web apps,” Imperva researcher Daniel Johnston said in an analysis. “These attacks

The Hacker News – ​Read More

Why Many New AI Tools Aren’t Available In Europe – And How To Access Them

/in

Explore how AI tools like OpenAI’s Sora face restrictions in Europe due to GDPR, with insights on bypassing…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

Google Releases Open Source Library for Software Composition Analysis

/in

Google releases OSV-SCALIBR, an open source library for software composition analysis and file system scanning.

The post Google Releases Open Source Library for Software Composition Analysis appeared first on SecurityWeek.

SecurityWeek – ​Read More

US Announces Sanctions Against North Korean Fake IT Worker Network

/in

The US Treasury has sanctioned two individuals and four entities involved in the North Korean fake IT worker scheme.

The post US Announces Sanctions Against North Korean Fake IT Worker Network appeared first on SecurityWeek.

SecurityWeek – ​Read More

Industry Reactions to Biden’s Cybersecurity Executive Order: Feedback Friday

/in

Industry professionals comment on the Biden administration’s new executive order on cybersecurity. 

The post Industry Reactions to Biden’s Cybersecurity Executive Order: Feedback Friday appeared first on SecurityWeek.

SecurityWeek – ​Read More

Researchers Warn of NTLMv1 Bypass in Active Directory Policy

/in

Silverfort has discovered that a misconfiguration can bypass an Active Directory Group Policy designed to disable NTLMv1, allowing…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

Vulnerabilities in SimpleHelp Remote Access Software May Lead to System Compromise

/in

Three vulnerabilities in SimpleHelp could allow attackers to compromise the remote access software’s server and the client machine.

The post Vulnerabilities in SimpleHelp Remote Access Software May Lead to System Compromise appeared first on SecurityWeek.

SecurityWeek – ​Read More

European Privacy Group Sues TikTok and AliExpress for Illicit Data Transfers to China

/in

Austrian privacy non-profit None of Your Business (noyb) has filed complaints accusing companies like TikTok, AliExpress, SHEIN, Temu, WeChat, and Xiaomi of violating data protection regulations in the European Union by unlawfully transferring users’ data to China.
The advocacy group is seeking an immediate suspension of such transfers, stating the companies in question cannot shield user data

The Hacker News – ​Read More

Russian APT Phishes Kazakh Gov’t for Strategic Intel

/in

A highly targeted cyber-intelligence campaign adds fuel to the increasingly complex relationship between the two former Soviet states.

darkreading – ​Read More