LockBit & Conti Ransomware Hacker Busted in Ukraine
Accused cybercriminal has special skills that helped Conti and LockBit ransomware evade detection, according to law enforcement.
darkreading – Read More
Google Warns of Pixel Firmware Zero-Day Under Limited, Targeted Exploitation
The zero-day is tagged as CVE-2024-32896 and described as an elevation of privilege issue in Pixel Firmware.
The post Google Warns of Pixel Firmware Zero-Day Under Limited, Targeted Exploitation appeared first on SecurityWeek.
SecurityWeek – Read More
Black Basta Ransomware Suspected of Exploiting Windows 0-day Before Patch
The cybersecurity researchers at Symantec have found “strong evidence” suggesting that the Black Basta ransomware gang exploited a critical Windows vulnerability (CVE-2024-26169) before it was patched by Microsoft on March 12, 2024, through its regular Patch Tuesday updates.
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
TellYouthePass Ransomware Group Exploits Critical PHP Flaw
An RCE vulnerability that affects the Web scripting language on Windows systems is easy to exploit and can provide a broad attack surface.
darkreading – Read More
Businesses’ cloud security fails are ‘concerning’ – as AI threats accelerate
Not enough organizations are conducting regular audits to ensure their cloud environments are secured.
Latest stories for ZDNET in Security – Read More
Microsoft Patches Zero-Click Outlook Vulnerability That Could Soon Be Exploited
Microsoft’s June 2024 Patch Tuesday updates resolve a zero-click Outlook vulnerability leading to remote code execution.
The post Microsoft Patches Zero-Click Outlook Vulnerability That Could Soon Be Exploited appeared first on SecurityWeek.
SecurityWeek – Read More
Why CIO & CISO Collaboration Is Key to Organizational Resilience
Alignment between these domains is quickly becoming a strategic imperative.
darkreading – Read More
Cryptojacking Campaign Targets Misconfigured Kubernetes Clusters
Cybersecurity researchers have warned of an ongoing cryptojacking campaign targeting misconfigured Kubernetes clusters to mine Dero cryptocurrency.
Cloud security firm Wiz, which shed light on the activity, said it’s an updated variant of a financially motivated operation that was first documented by CrowdStrike in March 2023.
“In this incident, the threat actor abused anonymous access to an
The Hacker News – Read More
Verizon exec reveals responsible AI strategy amid ‘Wild West’ landscape
Verizon’s exec leading AI for network enablement, Michael Raj, said that the field of AI auditing is still in its early stages and that companies need to accelerate their efforts. The steady drumbeat of big mistakes by customer support AI agents, for example from big names like Chevy, Air Canada, and even New York City, or even by leading LLM providers like Google, which featured black Nazis, has brought a renewed focus on the need for more reliability.Read More
Security News | VentureBeat – Read More
Fortinet Patches Code Execution Vulnerability in FortiOS
Fortinet has patched multiple vulnerabilities in FortiOS, including a high-severity code execution security flaw.
The post Fortinet Patches Code Execution Vulnerability in FortiOS appeared first on SecurityWeek.
SecurityWeek – Read More