Millions of Apple Applications Were Vulnerable to CocoaPods Supply Chain Attack

The vulnerabilities have since been patched, but had quietly persisted since the CocoaPods migration in 2014.

Security | TechRepublic

Intel CPUs Face Spectre-Like ‘Indirector’ Attack That Leaks Data

“Indirector” targets a speculative execution component in silicon that previous research has largely overlooked.

darkreading

US car dealerships are recovering from massive cyberattack: 3 things you should know

A notorious extortion group held critical car sales software for ransom, and it’s still causing major headaches for car sales and car service.

Latest stories for ZDNET in Security

Secator: Open-Source Pentesting Swiss Army Knife

Secator is an open-source task and workflow runner designed for security assessments to streamline the use of various security tools for pen testers and security researchers.

Cyware News – Latest Cyber News

Vulnerabilities in CocoaPods: The Achilles’ Heel of the Apple App Ecosystem

Recent discoveries have unveiled severe vulnerabilities within CocoaPods, a dependency manager essential for iOS and macOS application development. These security flaws could lead to significant supply chain attacks, jeopardizing numerous applications. The exploit allows attackers to alter the software update process, inserting harmful payloads into applications. Developers must remain vigilant and adopt robust security practices to safeguard their applications and users.

Cyware News – Latest Cyber News

New Ransomware Group Uses Phone Calls to Pressure Victims, Researchers Say

Researchers have identified a new ransomware group called Volcano Demon responsible for two recent successful attacks on companies in the manufacturing and logistics sectors.

Cyware News – Latest Cyber News

Understanding the FakeBat Loader: Distribution Tactics and Cybercriminal Infrastructure

In the early part of 2024, the FakeBat loader, also known as EugenLoader or PaykLoader, emerged as a significant threat utilizing the drive-by download technique to spread malware.

Cyware News – Latest Cyber News

Friend or Foe? AI’s Complicated Role in Cybersecurity

Staying informed about the latest AI security solutions and best practices is critical in remaining a step ahead of increasingly clever cyberattacks.

darkreading

Odaseva Raises $54 Million for Salesforce Enterprise Data Security Platform

Enterprise data security platform Odaseva raises $54 million in a Series C funding round led by Silver Lake Waterman.

SecurityWeek

Feds Hit Health Entity With $950K Fine in Ransomware Attack

The US Department of Health and Human Services has levied a fine of $950,000 on the Heritage Valley Health System in Pennsylvania. Heritage Valley must address potential HIPAA violations after a ransomware attack in 2017.

Cyware News – Latest Cyber News