Router maker Zyxel tells customers to replace vulnerable hardware exploited by hackers

/in

The Taiwanese hardware maker says it has no plans patch the flaws impacting legacy router models

© 2024 TechCrunch. All rights reserved. For personal use only.

Security News | TechCrunch – ​Read More

CISA Issues Exploitation Warning for .NET Vulnerability

/in

CISA has added CVE-2024-29059, a flaw affecting Microsoft .NET, to its Known Exploited Vulnerabilities catalog.

The post CISA Issues Exploitation Warning for .NET Vulnerability appeared first on SecurityWeek.

SecurityWeek – ​Read More

Zyxel Issues ‘No Patch’ Warning for Exploited Zero-Days

/in

Multiple Zyxel legacy DSL CPE products are affected by exploited zero-day vulnerabilities that will not be patched.

The post Zyxel Issues ‘No Patch’ Warning for Exploited Zero-Days appeared first on SecurityWeek.

SecurityWeek – ​Read More

CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog, Urges Fixes by Feb 25

/in

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.
The list of vulnerabilities is as follows –

CVE-2024-45195 (CVSS score: 7.5/9.8) – A forced browsing vulnerability in Apache OFBiz that allows a remote attacker to obtain unauthorized

The Hacker News – ​Read More

Researchers warn of risks tied to abandoned cloud storage buckets

/in

Cloud storage tools used by military, government and even cybersecurity organizations around the world have been left abandoned by their users, exposing them to a wide variety of security risks.

The Record from Recorded Future News – ​Read More

Sophos Acquires Secureworks for $859 Million

/in

Sophos has completed its acquisition of managed cyber security services provider Secureworks.

Security | TechRepublic – ​Read More

Credential Theft Becomes Cybercriminals’ Favorite Target

/in

Researchers measured a threefold increase in credential stealing between 2023 and 2024, with more than 11.3 million such thefts last year.

darkreading – ​Read More

U.K. Announces ‘World-First’ Cyber Code of Practice for Companies Developing AI

/in

The Cyber Code of Practice applies to developers, system operators, and organisations that create, deploy, or manage AI systems.

Security | TechRepublic – ​Read More

Ferret Malware Added to ‘Contagious Interview’ Campaign

/in

Targets are lured into a fake interview process that convinces them to download malware needed for a virtual interview.

darkreading – ​Read More

Spyware maker Paragon confirms U.S. government is a customer

/in

Israeli spyware maker Paragon Solutions confirmed to TechCrunch that it sells its products to the U.S. government and other unspecified allied countries. Paragon’s executive chairman John Fleming said in a statement to TechCrunch on Tuesday that, “Paragon licenses its technology to a select group of global democracies — principally, the United States and its allies.” […]

© 2024 TechCrunch. All rights reserved. For personal use only.

Security News | TechCrunch – ​Read More