Veeam Patches Critical Vulnerability in Backup & Replication

/in

Veeam has released patches for a critical-severity remote code execution vulnerability in Backup & Replication.

The post Veeam Patches Critical Vulnerability in Backup & Replication appeared first on SecurityWeek.

SecurityWeek – ​Read More

500,000 Impacted by Pennsylvania Teachers Union Data Breach

/in

Pennsylvania State Education Association says the personal information of over 500,000 individuals was stolen in a data breach.

The post 500,000 Impacted by Pennsylvania Teachers Union Data Breach appeared first on SecurityWeek.

SecurityWeek – ​Read More

Mobile Jailbreaks Exponentially Increase Corporate Risk

/in

Both Android devices and iPhones are 3.5 times more likely to be infected with malware once “broken” and 250 times more likely to be totally compromised, recent research shows.

darkreading – ​Read More

Six Governments Likely Use Israeli Paragon Spyware to Hack IM Apps and Harvest Data

/in

The governments of Australia, Canada, Cyprus, Denmark, Israel, and Singapore are likely customers of spyware developed by Israeli company Paragon Solutions, according to a new report from The Citizen Lab.
Paragon, founded in 2019 by Ehud Barak and Ehud Schneorson, is the maker of a surveillance tool called Graphite that’s capable of harvesting sensitive data from instant messaging applications

The Hacker News – ​Read More

Hackers Target Cisco Smart Licensing Utility Vulnerabilities

/in

SANS is seeing attempts to exploit two critical Cisco Smart Licensing Utility vulnerabilities tracked as CVE-2024-20439 and CVE-2024-20440.

The post Hackers Target Cisco Smart Licensing Utility Vulnerabilities appeared first on SecurityWeek.

SecurityWeek – ​Read More

Amazon Ends Little-Used Privacy Feature That Let Echo Users Opt Out of Sending Recordings to Company

/in

Amazon is ending a little-used privacy feature that let some users of its Echo smart speaker prevent their voice commands from going to the company’s cloud.

The post Amazon Ends Little-Used Privacy Feature That Let Echo Users Opt Out of Sending Recordings to Company appeared first on SecurityWeek.

SecurityWeek – ​Read More

300 Malicious ‘Vapor’ Apps Hosted on Google Play Had 60 Million Downloads

/in

Over 300 malicious applications displaying intrusive full-screen interstitial video ads amassed more than 60 million downloads on Google Play.

The post 300 Malicious ‘Vapor’ Apps Hosted on Google Play Had 60 Million Downloads appeared first on SecurityWeek.

SecurityWeek – ​Read More

Why Continuous Compliance Monitoring Is Essential For IT Managed Service Providers

/in

Regulatory compliance is no longer just a concern for large enterprises. Small and mid-sized businesses (SMBs) are increasingly subject to strict data protection and security regulations, such as HIPAA, PCI-DSS, CMMC, GDPR, and the FTC Safeguards Rule. However, many SMBs struggle to maintain compliance due to limited IT resources, evolving regulatory requirements, and complex security challenges

The Hacker News – ​Read More

Paragon Spyware Attacks Exploited WhatsApp Zero-Day 

/in

Attacks involving Paragon’s Graphite spyware involved a WhatsApp zero-day that could be exploited without any user interaction.

The post Paragon Spyware Attacks Exploited WhatsApp Zero-Day  appeared first on SecurityWeek.

SecurityWeek – ​Read More

Low-Cost Drone Add-Ons From China Let Anyone With a Credit Card Turn Toys Into Weapons of War

/in

Chinese ecommerce giants like Temu and AliExpress sell drone accessories like those used by soldiers in the Russia-Ukraine conflict.

Security Latest – ​Read More