ASUS Patches Critical Authentication Bypass Flaw in Multiple Router Models

/in

ASUS has shipped software updates to address a critical security flaw impacting its routers that could be exploited by malicious actors to bypass authentication.
Tracked as CVE-2024-3080, the vulnerability carries a CVSS score of 9.8 out of a maximum of 10.0.
“Certain ASUS router models have authentication bypass vulnerability, allowing unauthenticated remote attackers to log in the device,”

The Hacker News – ​Read More

Name That Toon: Future Shock

/in

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

darkreading – ​Read More

Tech Leaders to Gather for AI Risk Summit at the Ritz-Carlton, Half Moon Bay June 25-26, 2024

/in

SecurityWeek’s AI Risk Summit + CISO Forum bring together business and government stakeholders to provide meaningful guidance on risk management and cybersecurity in the age of artificial intelligence.

The post Tech Leaders to Gather for AI Risk Summit at the Ritz-Carlton, Half Moon Bay June 25-26, 2024 appeared first on SecurityWeek.

SecurityWeek – ​Read More

CISA Conducts First AI Cyber Incident Response Exercise

/in

The US cybersecurity agency CISA has conducted a tabletop exercise with the private sector focused on AI cyber incident response.

The post CISA Conducts First AI Cyber Incident Response Exercise appeared first on SecurityWeek.

SecurityWeek – ​Read More

MITRE: US Government Needs to Focus on Critical Infrastructure

/in

With the presidential election this year and increase in cyberattacks and conflict around the world, MITRE has outlined four important areas the incoming presidential administration should focus on next year.

darkreading – ​Read More

Exclusive: Parallel Domain launches PD Replica for high-fidelity digital twins in autonomous vehicle testing

/in

Parallel Domain launches PD Replica, a breakthrough product that generates high-fidelity digital twins from real-world data, revolutionizing autonomous vehicle testing and development.Read More

Security News | VentureBeat – ​Read More

Keytronic Says Personal Information Stolen in Ransomware Attack

/in

Keytronic confirms that personal information was compromised after a ransomware group leaked allegedly stolen data.

The post Keytronic Says Personal Information Stolen in Ransomware Attack appeared first on SecurityWeek.

SecurityWeek – ​Read More

China-Linked Hackers Infiltrate East Asian Firm for 3 Years Using F5 Devices

/in

A suspected China-nexus cyber espionage actor has been attributed as behind a prolonged attack against an unnamed organization located in East Asia for a period of about three years, with the adversary establishing persistence using legacy F5 BIG-IP appliances and using it as an internal command-and-control (C&C) for defense evasion purposes.
Cybersecurity company Sygnia, which responded to

The Hacker News – ​Read More

Exclusive: Kong launches AI Gateway to help enterprises govern and scale generative AI

/in

Kong launches AI Gateway, an enterprise-grade, AI-native API gateway that enables organizations to govern, secure, and scale generative AI workloads across any cloud environment.Read More

Security News | VentureBeat – ​Read More

What is DevSecOps and Why is it Essential for Secure Software Delivery?

/in

Traditional application security practices are not effective in the modern DevOps world. When security scans are run only at the end of the software delivery lifecycle (either right before or after a service is deployed), the ensuing process of compiling and fixing vulnerabilities creates massive overhead for developers. The overhead that degrades velocity and puts production deadlines at risk.

The Hacker News – ​Read More