How Phishing Attacks Adapt Quickly to Capitalize on Current Events

In 2023, no fewer than 94 percent of businesses were impacted by phishing attacks, a 40 percent increase compared to the previous year, according to research from Egress.
What’s behind the surge in phishing? One popular answer is AI – particularly generative AI, which has made it trivially easier for threat actors to craft content that they can use in phishing campaigns, like malicious emails

The Hacker News – ​Read More

Shorter TLS Certificate Lifespans Expected to Complicate Management Efforts

Shorter TLS certificate lifespans are expected to create challenges for management efforts, with 76% of security leaders acknowledging the need to transition to shorter lifespans for increased security, according to Venafi.

Cyware News – Latest Cyber News – ​Read More

200k Impacted by East Valley Institute of Technology Data Breach

The personal and health information of students, staff, faculty, and parents was compromised in a data breach at East Valley Institute of Technology.

The post 200k Impacted by East Valley Institute of Technology Data Breach appeared first on SecurityWeek.

SecurityWeek – ​Read More

Black Hat USA 2024 – Summary of Vendor Announcements

Hundreds of companies and organizations showcased their products and services last week at the 2024 edition of the Black Hat conference in Las Vegas.

The post Black Hat USA 2024 – Summary of Vendor Announcements appeared first on SecurityWeek.

SecurityWeek – ​Read More

Critical 1Password Flaws May Allow Hackers to Snatch Users’ Passwords

The first vulnerability, CVE-2024-42219, allows bypassing inter-process communication protections and impersonation of trusted 1Password integrations. The second, CVE-2024-42218, lets attackers bypass security mechanisms using outdated app versions.

Cyware News – Latest Cyber News – ​Read More

Common Business-Related Phishing Scams Include Fake HR and IT Subject Lines

KnowBe4 Security Awareness Advocate Erich Kron talked to TechRepublic about the importance of assessing a seemingly urgent email before clicking any links.

Security | TechRepublic – ​Read More

Google Patches Critical Vulnerabilities in Quick Share After Researchers’ Warning

Discover how researchers exploited vulnerabilities in Google’s Quick Share to achieve remote code execution (RCE). Learn about the…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

Microsoft Found OpenVPN Bugs That can be Chained to Achieve RCE and LPE

The vulnerabilities affect all versions of OpenVPN prior to 2.6.10 and 2.5.10. Attackers could gain full control over targeted endpoints by exploiting these vulnerabilities.

Cyware News – Latest Cyber News – ​Read More

CrowdStrike Pursuing Deal to Buy Patch Management Specialist Action1

CrowdStrike is looking to acquire patch management specialist Action1 in a deal worth nearly $1 billion. Action1’s Co-Founder and CEO confirmed the discussions with CrowdStrike employees in a memo.

Cyware News – Latest Cyber News – ​Read More

SSHamble: Open-Source Security Testing of SSH Services

RunZero recently released SSHamble, an open-source tool for testing the security of SSH services. This tool helps security teams detect dangerous misconfigurations and software bugs in SSH implementations.

Cyware News – Latest Cyber News – ​Read More