Google Patches Android Zero-Day Exploited in Targeted Attacks

/in

Google has patched CVE-2024-36971, a high-severity kernel zero-day vulnerability in Android that has been exploited in targeted attacks. 

The post Google Patches Android Zero-Day Exploited in Targeted Attacks appeared first on SecurityWeek.

SecurityWeek – ​Read More

Google Patches New Android Kernel Vulnerability Exploited in the Wild

/in

Google has addressed a high-severity security flaw impacting the Android kernel that it has been actively exploited in the wild.
The vulnerability, tracked as CVE-2024-36971, has been described as a case of remote code execution impacting the kernel.
“There are indications that CVE-2024-36971 may be under limited, targeted exploitation,” the tech giant noted in its monthly Android security

The Hacker News – ​Read More

New Zero-Day Flaw in Apache OFBiz ERP Allows Remote Code Execution

/in

A new zero-day pre-authentication remote code execution vulnerability has been disclosed in the Apache OFBiz open-source enterprise resource planning (ERP) system that could allow threat actors to achieve remote code execution on affected instances.
Tracked as CVE-2024-38856, the flaw has a CVSS score of 9.8 out of a maximum of 10.0. It affects Apache OFBiz versions prior to 18.12.15.
“The

The Hacker News – ​Read More

Elon Musk sues OpenAI again, alleging ‘Shakespearean’ betrayal of AI mission

/in

Elon Musk sues OpenAI and Sam Altman in federal court, alleging betrayal of AI’s founding mission, raising crucial questions about ethics, profit, and the future of artificial intelligence development.Read More

Security News | VentureBeat – ​Read More

AWS Deploying ‘Mithra’ Neural Network to Predict and Block Malicious Domains

/in

AWS says a massive neural network graph model with 3.5 billion nodes and 48 billion edges is speeding up the prediction and detection of malicious domains.

The post AWS Deploying ‘Mithra’ Neural Network to Predict and Block Malicious Domains appeared first on SecurityWeek.

SecurityWeek – ​Read More

Sophisticated Android Spyware Targets Users in Russia

/in

Researchers say “LianSpy” malware has been in use in a covert data gathering operation that’s gone undetected for at least three years.

darkreading – ​Read More

Name That Edge Toon: Pointing Fingers

/in

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

darkreading – ​Read More

20K Ubiquiti IoT Cameras & Routers Are Sitting Ducks for Hackers

/in

In the cloud, patches disseminate automatically. On your computer, you get notified. IoT devices, meanwhile, can escape attention for years on end.

darkreading – ​Read More

StormBamboo APT Targets ISPs, Spreads Malware via Software Updates

/in

StormBamboo abuses insecure software updates! Don’t be a victim! This article explores how the StormBamboo group compromises ISPs…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

Critical Apache OFBiz Vulnerability Allows Preauth RCE

/in

The enterprise resource planning platform bug CVE-2024-38856 has a vulnerability-severity score of 9.8 out of 10 on the CVSS scale and offers a wide avenue into enterprise applications for cyberattackers.

darkreading – ​Read More