CISA and FBI Raise Alerts on Exploited Flaws and Expanding HiatusRAT Campaign

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.
The list of flaws is below –

CVE-2024-20767 (CVSS score: 7.4) – Adobe ColdFusion contains an improper access control vulnerability that could allow an attacker to access or modify restricted

The Hacker News – ​Read More

The Mask APT Resurfaces with Sophisticated Multi-Platform Malware Arsenal

A little-known cyber espionage actor known as The Mask has been linked to a new set of attacks targeting an unnamed organization in Latin America twice in 2019 and 2022.
“The Mask APT is a legendary threat actor that has been performing highly sophisticated attacks since at least 2007,” Kaspersky researchers Georgy Kucherin and Marc Rivero said in an analysis published last week. “Their targets

The Hacker News – ​Read More

Slack’s AI agents are learning from your office chats—here’s what’s next

Credit: VentureBeat made with Midjourney


Slack CPO Rob Seaman reveals how Agentforce 2.0 will transform workplace AI by leveraging contextual intelligence and deep platform integration, transforming how enterprises use AI agents for automation and collaboration.Read More

Security News | VentureBeat – ​Read More

Cicada3301 Ransomware Claims Attack on French Peugeot Dealership

SUMMARY Cicada3301, a ransomware group, has claimed responsibility for a data breach targeting Concession Peugeot (concessions.peugeot.fr), a prominent…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

Ransomware to Cause ‘Bumpy’ Security Ride in 2025

Cashed-up ransomware criminals may exploit more zero days while potential blanket ransomware payment bans hang over defenders like a shadow.

Security | TechRepublic – ​Read More

Does Desktop AI Come With a Side of Risk?

Artificial intelligence capabilities are coming to a desktop near you — with Microsoft 365 Copilot, Google Gemini with Project Jarvis, and Apple Intelligence all arriving (or having arrived). But what are the risks?

darkreading – ​Read More

Citizen Development Moves Too Fast for Its Own Good

While low-code/no-code tools can speed up application development, sometimes it’s worth taking a slower approach for a safer product.

darkreading – ​Read More

Called your doctor after-hours? ConnectOnCall hackers may have stolen your medical data

The hackers stole names, phone numbers, dates of birth and information related to health conditions, treatments and prescriptions.

© 2024 TechCrunch. All rights reserved. For personal use only.

Security News | TechCrunch – ​Read More

Namibia’s state telecom provider says hackers leaked data after it refused to pay ransom

The company didn’t specify what kind of data was stolen by the cybercriminals, but according to local media reports, the hackers accessed over 400,000 files, including personal and financial data belonging to some high-ranking government officials and Telecom Namibia’s clients.

The Record from Recorded Future News – ​Read More

Webinar Tomorrow: Navigating your OT Cybersecurity Journey: From Assessment to Implementation

Learn how to develop a holistic solution that provides you and your team the power to mitigate cyber threats effectively within your OT environment.

The post Webinar Tomorrow: Navigating your OT Cybersecurity Journey: From Assessment to Implementation appeared first on SecurityWeek.

SecurityWeek – ​Read More