SonicWall has released patches for multiple high-severity flaws in the SMA100 SSL-VPN secure access gateway.
The post SonicWall Patches 6 Vulnerabilities in Secure Access Gateway appeared first on SecurityWeek.
SecurityWeek – Read More
Atrium Health has notified the HHS of a data breach impacting 585,000 individuals, and the incident may be related to online tracking.
The post Atrium Health Data Breach Impacts 585,000 People appeared first on SecurityWeek.
SecurityWeek – Read More
Google has announced the open source availability of Vanir, a patch validation tool for Android platform developers.
The post Google Open Sources Security Patch Validation Tool for Android appeared first on SecurityWeek.
SecurityWeek – Read More
The European Commission issued a retention order to TikTok on December 6, 2024, mandating the need to keep all data related to the Romanian elections for further investigations. This order comes a few days after Romanian’s president Klaus Iohannis ordered to declassify SRI’s (Romanian’s Intelligence Service) recent investigation. The Romanian Intelligence Service (SRI) accused Russia of…
TechSplicer – Read More
The threat actors behind the More_eggs malware have been linked to two new malware families, indicating an expansion of its malware-as-a-service (MaaS) operation.
This includes a novel information-stealing backdoor called RevC2 and a loader codenamed Venom Loader, both of which are deployed using VenomLNK, a staple tool that serves as an initial access vector for the deployment of follow-on
The Hacker News – Read More
The threat actor known as Gamaredon has been observed leveraging Cloudflare Tunnels as a tactic to conceal its staging infrastructure hosting a malware called GammaDrop.
The activity is part of an ongoing spear-phishing campaign targeting Ukrainian entities since at least early 2024 that’s designed to drop the Visual Basic Script malware, Recorded Future’s Insikt Group said in a new analysis.
The Hacker News – Read More
A critical directory traversal vulnerability in the SailPoint IdentityIQ IAM platform exposes restricted files to attackers.
The post Critical Vulnerability Discovered in SailPoint IdentityIQ appeared first on SecurityWeek.
SecurityWeek – Read More
Cloudflare Tunnels is just the latest legitimate cloud service that cybercriminals and state-sponsored threat actors are abusing to hide their tracks.
darkreading – Read More
Researchers testing generative AI systems can use prompt injection, re-register after being banned, and bypass rate limits without running afoul of copyright law.
darkreading – Read More
SUMMARY A large U.S. company with operations in China fell victim to a large-scale cyberattack earlier this year,…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More