EUCLEAK Attack Allows Yubico Security Keys to be Cloned

/in

Despite this, the risk is limited as attackers would need physical access to the device, specific knowledge of targeted accounts, and specialized equipment for the attack.

Cyware News – Latest Cyber News – ​Read More

The AI Wild West: Unraveling the Security and Privacy Risks of GenAI Apps

/in

GenAI users are uploading data to over eight apps every month – what are the security and privacy concerns?

The post The AI Wild West: Unraveling the Security and Privacy Risks of GenAI Apps appeared first on SecurityWeek.

SecurityWeek – ​Read More

U.S. Seizes 32 Pro-Russian Propaganda Domains in Major Disinformation Crackdown

/in

The U.S. Department of Justice (DoJ) on Wednesday announced the seizure of 32 internet domains used by a pro-Russian propaganda operation called Doppelganger as part of a sweeping set of actions.
Accusing the Russian government-directed foreign malign influence campaign of violating U.S. money laundering and criminal trademark laws, the agency called out companies Social Design Agency (SDA),

The Hacker News – ​Read More

Google Fixed Actively Exploited Android Privilege Escalation Flaw (CVE-2024-32896)

/in

Google has patched a high-severity vulnerability, known as CVE-2024-32896, in its Android OS actively exploited in the wild. The issue involves a privilege escalation in the Android Framework component.

Cyware News – Latest Cyber News – ​Read More

CISA Warns of Three Actively Exploited Vulnerabilities That Demand Immediate Attention

/in

Two vulnerabilities, CVE-2021-20123 and CVE-2021-20124, pose serious risks for Draytek VigorConnect routers, potentially leading to unauthorized access to sensitive files. Another vulnerability, CVE-2024-7262, affects Kingsoft WPS Office.

Cyware News – Latest Cyber News – ​Read More

RomCom Group’s Underground Ransomware Exploits Microsoft Zero-Day Flaw

/in

A new ransomware variant named Underground, linked to the Russia-based RomCom group, encrypts files on victims’ Windows machines and demands a ransom for decryption. It has been active since July 2023.

Cyware News – Latest Cyber News – ​Read More

Abusix Launches Guardian: Cutting-Edge Security Platform for Email and Network Providers

/in

Boston, MA, 5th September 2024, CyberNewsWire

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

Revival Hijack Attack Puts 22,000 PyPI Packages at Risk of Hijack

/in

This method could potentially lead to numerous malicious package downloads. The attack involves hijacking popular projects by registering new projects under the names of removed packages on PyPI.

Cyware News – Latest Cyber News – ​Read More

Acuvity Raises $9 Million Seed Funding for Gen-AI Governance and In-house Development

/in

Activity emerged from stealth with $9 million seed funding to provide solutions for enterprises to safely adopt GenAI.

The post Acuvity Raises $9 Million Seed Funding for Gen-AI Governance and In-house Development appeared first on SecurityWeek.

SecurityWeek – ​Read More

Cisco Patches Critical Vulnerabilities in Smart Licensing Utility

/in

Cisco has released patches for multiple vulnerabilities, including two critical-severity flaws in Smart Licensing Utility.

The post Cisco Patches Critical Vulnerabilities in Smart Licensing Utility appeared first on SecurityWeek.

SecurityWeek – ​Read More