Google Discovers Fourth Zero-Day in Less Than a Month
The tech company has rolled out fixes for a type confusion vulnerability that has already been exploited by malicious actors.
darkreading – Read More
High-Severity GitLab Flaw Lets Attackers Take Over Accounts
The security flaw (tracked as CVE-2024-4835) is an XSS weakness in the VS code editor (Web IDE) that lets threat actors steal restricted information using maliciously crafted pages.
Cyware News – Latest Cyber News – Read More
Get a Lifetime of 1TB Cloud Storage for Only $80 With FolderFort
Fast, affordable cloud storage isn’t always easy to find for businesses, but now you can have a massive amount with maximum security.
Security | TechRepublic – Read More
AI Seoul Summit: 4 Key Takeaways on AI Safety Standards and Regulations
Major breakthroughs were made in global nations’ AI safety commitments, AI safety institutes, research grants and AI risk thresholds at this month’s AI Seoul Summit.
Security | TechRepublic – Read More
Morocco-based Cybercriminals Cashing in on Bold Gift Card Scams
“Rather than scam or phish everyday people directly for gift card-based payments, Storm-0539 infiltrates large retailers and fraudulently issues gift card codes to themselves, virtually printing their own money,” Microsoft’s Vasu Jakkal explained.
Cyware News – Latest Cyber News – Read More
Bugcrowd Buys Informer to Enhance Attack Surface Management
Bugcrowd CEO Dave Gerry said their acquisition of Brighton, England-based Informer will fuel the adoption of Bugcrowd’s penetration testing technology and prompt clients to expand the scope of their bug bounty programs.
Cyware News – Latest Cyber News – Read More
Three-Year-Old Apache Flink Flaw Now Under Active Attack
An improper access control bug in Apache Flink that was fixed in January 2021 has been added to the US government’s Known Exploited Vulnerabilities Catalog, meaning criminals are right now abusing the flaw in the wild to compromise targets.
Cyware News – Latest Cyber News – Read More
CISOs in Australia Urged to Take a Closer Look at Data Breach Risks
A leading cyber lawyer in Australia has warned CISOs and other IT leaders their organisations and careers could be at stake if they do not understand data risk and data governance practices.
Security | TechRepublic – Read More
Fake Antivirus Websites Deliver Malware to Android and Windows Devices
Threat actors have been observed making use of fake websites masquerading as legitimate antivirus solutions from Avast, Bitdefender, and Malwarebytes to propagate malware capable of stealing sensitive information from Android and Windows devices.
“Hosting malicious software through sites which look legitimate is predatory to general consumers, especially those who look to protect their devices
The Hacker News – Read More
The SEC’s SolarWinds Case: What CISOs Should Do Now
The SEC’s lawsuit may take years to resolve through litigation, but here are five things CISOs should do now to protect both themselves as individuals as well as their organizations.
darkreading – Read More