T-Mobile Also Targeted in Chinese Telecom Hacking Campaign

/in

T-Mobile has also been targeted by the Chinese group Salt Typhoon in a major espionage campaign targeting US telecom companies. 

The post T-Mobile Also Targeted in Chinese Telecom Hacking Campaign appeared first on SecurityWeek.

SecurityWeek – ​Read More

Urgent: Critical WordPress Plugin Vulnerability Exposes Over 4 Million Sites

/in

A critical authentication bypass vulnerability has been disclosed in the Really Simple Security (formerly Really Simple SSL) plugin for WordPress that, if successfully exploited, could grant an attacker to remotely gain full administrative access to a susceptible site.
The vulnerability, tracked as CVE-2024-10924 (CVSS score: 9.8), impacts both free and premium versions of the plugin. The

The Hacker News – ​Read More

3 leadership lessons we can learn from ethical hackers

/in

VentureBeat/Ideogram

Here’s how business leaders can use a hacker’s problem-solving approach to to improve their own leadership skills.Read More

Security News | VentureBeat – ​Read More

NSO Group Exploited WhatsApp to Install Pegasus Spyware Even After Meta’s Lawsuit

/in

Legal documents released as part of an ongoing legal tussle between Meta’s WhatsApp and NSO Group have revealed that the Israeli spyware vendor used multiple exploits targeting the messaging app to deliver Pegasus, including one even after it was sued by Meta for doing so.
They also show that NSO Group repeatedly found ways to install the invasive surveillance tool on the target’s devices as

The Hacker News – ​Read More

Microsoft Pulls Exchange Patches Amid Mail Flow Issues

/in

Email at many organizations has stopped working; the tech giant has advised users who are facing the issue to uninstall the updates so that it can address flaw.

darkreading – ​Read More

What Okta’s failures say about the future of identity security in 2025

/in

What Okta’s failures say about the future of identity security in 2025

2025 needs to be the year identity providers go all in on improving every aspect of software quality and security, including red teaming.Read More

Security News | VentureBeat – ​Read More

Ohio man behind Helix cryptocurrency mixer gets 3-year sentence

/in

Larry Harmon ran the mixer from 2014 to 2017, facilitating more than $300 million worth of cryptocurrency transactions.

The Record from Recorded Future News – ​Read More

ANZ CIO Challenges: AI, Cybersecurity & Data Analytics for 2025

/in

ANZ government CIOs face budget constraints while prioritizing AI, cybersecurity, and data analytics for productivity gains and digital transformation in 2025.

Security | TechRepublic – ​Read More

Homeland Security Department Releases Framework for Using AI in Critical Infrastructure

/in

The framework recommends that AI developers evaluate potentially dangerous capabilities in their products, ensure their products align with “human-centric values” and protect users’ privacy.

The post Homeland Security Department Releases Framework for Using AI in Critical Infrastructure appeared first on SecurityWeek.

SecurityWeek – ​Read More

NSO Group admits cutting off 10 customers because they abused its Pegasus spyware, say unsealed court documents

/in

Newly unsealed documents brought by a WhatsApp lawsuit shows NSO Group’s spyware, Pegasus, was used to hack as many as “tens of thousands” of devices.

© 2024 TechCrunch. All rights reserved. For personal use only.

Security News | TechCrunch – ​Read More