CrowdStrike and Delta Fight Over Who’s to Blame for the Airline Canceling Thousands of Flights

CrowdStrike and Delta are fighting over who is to blame for the airline canceling thousands of flights following the massive outage.

The post CrowdStrike and Delta Fight Over Who’s to Blame for the Airline Canceling Thousands of Flights appeared first on SecurityWeek.

SecurityWeek – ​Read More

New Android Spyware LianSpy Evades Detection Using Yandex Cloud

Users in Russia have been the target of a previously undocumented Android post-compromise spyware called LianSpy since at least 2021.
Cybersecurity vendor Kaspersky, which discovered the malware in March 2024, noted its use of Yandex Cloud, a Russian cloud service, for command-and-control (C2) communications as a way to avoid having a dedicated infrastructure and evade detection.
“This threat is

The Hacker News – ​Read More

Mint Stealer: New MaaS Malware Threatens Confidential Data

A new MaaS malware known as Mint Stealer has emerged, threatening confidential data. This malware, identified by experts from Cyfirma, is designed to steal a wide range of information by employing advanced encryption and obfuscation techniques.

Cyware News – Latest Cyber News – ​Read More

Researchers Warn of a New Critical Apache OFBiz Flaw

The vulnerability allows unauthenticated users to execute screen rendering code under certain conditions in versions up to 18.12.14, with version 18.12.15 addressing the issue.

Cyware News – Latest Cyber News – ​Read More

Google Fixes Android Kernel Zero-Day Exploited in Targeted Attacks

Google has patched a zero-day vulnerability in the Android kernel that was being exploited in targeted attacks. The vulnerability, tracked as CVE-2024-36971, allows for arbitrary code execution without user interaction on unpatched devices.

Cyware News – Latest Cyber News – ​Read More

Google Patches Android Zero-Day Exploited in Targeted Attacks

Google has patched CVE-2024-36971, a high-severity kernel zero-day vulnerability in Android that has been exploited in targeted attacks. 

The post Google Patches Android Zero-Day Exploited in Targeted Attacks appeared first on SecurityWeek.

SecurityWeek – ​Read More

Google Patches New Android Kernel Vulnerability Exploited in the Wild

Google has addressed a high-severity security flaw impacting the Android kernel that it has been actively exploited in the wild.
The vulnerability, tracked as CVE-2024-36971, has been described as a case of remote code execution impacting the kernel.
“There are indications that CVE-2024-36971 may be under limited, targeted exploitation,” the tech giant noted in its monthly Android security

The Hacker News – ​Read More

New Zero-Day Flaw in Apache OFBiz ERP Allows Remote Code Execution

A new zero-day pre-authentication remote code execution vulnerability has been disclosed in the Apache OFBiz open-source enterprise resource planning (ERP) system that could allow threat actors to achieve remote code execution on affected instances.
Tracked as CVE-2024-38856, the flaw has a CVSS score of 9.8 out of a maximum of 10.0. It affects Apache OFBiz versions prior to 18.12.15.
“The

The Hacker News – ​Read More

Elon Musk sues OpenAI again, alleging ‘Shakespearean’ betrayal of AI mission

Elon Musk sues OpenAI and Sam Altman in federal court, alleging betrayal of AI’s founding mission, raising crucial questions about ethics, profit, and the future of artificial intelligence development.Read More

Security News | VentureBeat – ​Read More

AWS Deploying ‘Mithra’ Neural Network to Predict and Block Malicious Domains

AWS says a massive neural network graph model with 3.5 billion nodes and 48 billion edges is speeding up the prediction and detection of malicious domains.

The post AWS Deploying ‘Mithra’ Neural Network to Predict and Block Malicious Domains appeared first on SecurityWeek.

SecurityWeek – ​Read More