Santander US is notifying over 12,000 employees that their personal information was compromised in a data breach.
The post Santander Employee Data Breach Linked to Snowflake Attack appeared first on SecurityWeek.
SecurityWeek – Read More
Noteworthy stories that might have slipped under the radar: Microsoft email spoofing vulnerability, Snowflake hack victims get ransom demands, LogoFail still around.
The post In Other News: Microsoft Email Spoofing, Snowflake Hack Ransoms, LogoFail Follow-Up appeared first on SecurityWeek.
SecurityWeek – Read More
A recently patched Vision Pro vulnerability was classified by Apple as a DoS issue, but a researcher has shown that it’s ‘scary’.
The post Spatial Computing Hack Exploits Apple Vision Pro Flaw to Fill Room With Spiders, Bats appeared first on SecurityWeek.
SecurityWeek – Read More
Created by John Tuckner and the team at automation and AI-powered workflow platform Tines, the SOC Automation Capability Matrix (SOC ACM) is a set of techniques designed to help security operations teams understand their automation capabilities and respond more effectively to incidents.
A customizable, vendor-agnostic tool featuring lists of automation opportunities, it’s
The Hacker News – Read More
Learn about the impact of the Qilin ransomware attack on Synnovis and healthcare services. Discover the consequences of this cyber incident and its implications for patient care.
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Threat actors are exploiting a recent path traversal vulnerability in SolarWinds Serv-U using public PoC code.
The post Recent SolarWinds Serv-U Vulnerability Exploited in the Wild appeared first on SecurityWeek.
SecurityWeek – Read More
CISA says CFATS program data was likely accessed after an Ivanti Connect Secure appliance was hacked in January.
The post Personal and Chemical Facility Information Potentially Accessed in CISA Hack appeared first on SecurityWeek.
SecurityWeek – Read More
A malvertising campaign is leveraging trojanized installers for popular software such as Google Chrome and Microsoft Teams to drop a backdoor called Oyster (aka Broomstick and CleanUpLoader).
That’s according to findings from Rapid7, which identified lookalike websites hosting the malicious payloads that users are redirected to after searching for them on search engines like Google and Bing.
The
The Hacker News – Read More
A recently patched high-severity flaw impacting SolarWinds Serv-U file transfer software is being actively exploited by malicious actors in the wild.
The vulnerability, tracked as CVE-2024-28995 (CVSS score: 8.6), concerns a directory transversal bug that could allow attackers to read sensitive files on the host machine.
Affecting all versions of the software prior to and including Serv-U 15.4.2
The Hacker News – Read More
Immersing yourself in best practices for ethical hacking, pen-testing and information security can set you up for a career or better-protected business.
Security | TechRepublic – Read More