Black Hat USA 2024: Chip Flaw ‘GhostWrite’ Steals Data from CPU Memory

/in

Black Hat USA 2024: Critical RISC-V CPU vulnerability discovered. Dubbed GhostWrite; attackers can exploit this flaw to steal…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

CrowdStrike Dismisses Claims of Exploitability in Falcon Sensor Bug

/in

CrowdStrike dismissed claims that the Falcon EDR sensor bug could be exploited for privilege escalation or remote code execution.

The post CrowdStrike Dismisses Claims of Exploitability in Falcon Sensor Bug appeared first on SecurityWeek.

SecurityWeek – ​Read More

LG unleashes South Korea’s first open-source AI, challenging global tech giants

/in

LG launches Exaone 3.0, South Korea’s first open-source AI model, challenging global tech giants and reshaping the AI landscape with improved efficiency and multilingual capabilities.Read More

Security News | VentureBeat – ​Read More

University Professors Targeted by North Korean Cyber Espionage Group

/in

The North Korea-linked threat actor known as Kimsuky has been linked to a new set of attacks targeting university staff, researchers, and professors for intelligence gathering purposes.
Cybersecurity firm Resilience said it identified the activity in late July 2024 after it observed an operation security (OPSEC) error made by the hackers.
Kimsuky, also known by the names APT43, ARCHIPELAGO,

The Hacker News – ​Read More

Anthropic offers $15,000 bounties to hackers in push for AI safety

/in

Anthropic launches expanded AI bug bounty program, offering up to $15,000 for critical vulnerabilities in its AI systems, setting new standards for AI safety and transparency.Read More

Security News | VentureBeat – ​Read More

Black Hat USA 2024: AWS ‘Bucket Monopoly’ Flaw Led to Account Takeover

/in

Black Hat USA 2024 is up and running at full pace as critical AWS vulnerabilities are exposed! Learn…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

0.0.0.0 Day: 18-Year-Old Browser Vulnerability Impacts MacOS and Linux Devices

/in

Cybersecurity researchers have discovered a new “0.0.0.0 Day” impacting all major web browsers that malicious websites could take advantage of to breach local networks.
The critical vulnerability “exposes a fundamental flaw in how browsers handle network requests, potentially granting malicious actors access to sensitive services running on local devices,” Oligo Security researcher Avi Lumelsky

The Hacker News – ​Read More

USPS Text Scammers Duped His Wife, So He Hacked Their Operation

/in

The Smishing Triad network sends up to 100,000 scam texts per day globally. One of those messages went to Grant Smith, who infiltrated their systems and exposed them to US authorities.

Security Latest – ​Read More

Critical Progress WhatsUp Gold RCE Flaw Now Under Active Exploitation

/in

Threat actors are actively exploiting a critical remote code execution vulnerability in Progress WhatsUp Gold 23.1.2 and older versions, identified as CVE-2024-4885 with a CVSS v3 score of 9.8.

Cyware News – Latest Cyber News – ​Read More

Immutability in Cybersecurity: A Layer of Security Amidst Complexity and Misconceptions

/in

In modern security parlance, ‘immutable’ has three primary associations: immutable servers, immutable backup, and immutable data.

The post Immutability in Cybersecurity: A Layer of Security Amidst Complexity and Misconceptions appeared first on SecurityWeek.

SecurityWeek – ​Read More