StickmanCyber Report: A Look Inside Australia’s Cybersecurity Skills Crisis

A StickmanCyber report reveals a critical cybersecurity skills shortage in Australia, which can have both short- and long-term business implications

Security | TechRepublic – ​Read More

Microsoft Warns of Six Windows Zero-Days Being Actively Exploited

Microsoft’s security response team pushed out documentation for almost 90 vulnerabilities across Windows and OS components and marked several flaws in the actively exploited category.

The post Microsoft Warns of Six Windows Zero-Days Being Actively Exploited appeared first on SecurityWeek.

SecurityWeek – ​Read More

Adobe Calls Attention to Massive Batch of Code Execution Flaws

Patch Tuesday: Adobe patches 72 security vulnerabilities and warns that Windows and macOS users are at risk of code execution, memory leaks, and denial-of-service attacks.

The post Adobe Calls Attention to Massive Batch of Code Execution Flaws appeared first on SecurityWeek.

SecurityWeek – ​Read More

GhostWrite: New T-Head CPU Bugs Expose Devices to Unrestricted Attacks

A team of researchers from the CISPA Helmholtz Center for Information Security in Germany has disclosed an architectural bug impacting Chinese chip company T-Head’s XuanTie C910 and C920 RISC-V CPUs that could allow attackers to gain unrestricted access to susceptible devices.
The vulnerability has been codenamed GhostWrite. It has been described as a direct CPU bug embedded in the hardware, as

The Hacker News – ​Read More

Researchers Uncover Vulnerabilities in AI-Powered Azure Health Bot Service

Cybersecurity researchers have discovered two security flaws in Microsoft’s Azure Health Bot Service that, if exploited, could permit a malicious actor to achieve lateral movement within customer environments and access sensitive patient data.
The critical issues, now patched by Microsoft, could have allowed access to cross-tenant resources within the service, Tenable said in a new report shared

The Hacker News – ​Read More

US Unseals Charges Against Three Eastern Europeans Over Ransomware, Malvertising

Maksim Silnikau was extradited to the US to face charges for roles in the distribution of the Angler exploit kit, malware, and the Ransom Cartel ransomware.

The post US Unseals Charges Against Three Eastern Europeans Over Ransomware, Malvertising appeared first on SecurityWeek.

SecurityWeek – ​Read More

National Public Data Breach: 2.7bn Records Leaked on Dark Web

In August, 2.7 billion records from National Public Data, including social security numbers, were leaked on a dark web forum.

Security | TechRepublic – ​Read More

SAP Patches Critical Vulnerabilities in BusinessObjects, Build Apps

SAP has released 25 security notes on August 2024 Security Patch Day, including for critical vulnerabilities in BusinessObjects and Build Apps.

The post SAP Patches Critical Vulnerabilities in BusinessObjects, Build Apps appeared first on SecurityWeek.

SecurityWeek – ​Read More

The Changing Expectations for Developers in an AI-Coding Future

AI’s proficiency at creating software code won’t put developers out of a job, but the job will change to one focused on security, collaboration, and “mentoring” AI models.

darkreading – ​Read More

DARPA Aims to Ditch C Code, Move to Rust

The Defense Advanced Research Projects Agency launches TRACTOR program to work with university and industry researchers on creating a translation system that can turn C code into secure, idiomatic Rust code.

darkreading – ​Read More