Riot Raises $30 Million for Employee Cybersecurity Solution

/in

Riot has raised $30 million in Series B funding for a platform that helps employees improve their cybersecurity posture.

The post Riot Raises $30 Million for Employee Cybersecurity Solution appeared first on SecurityWeek.

SecurityWeek – ​Read More

Despite Catastrophic Hacks, Ransomware Payments Dropped Dramatically Last Year

/in

Ransomware gangs continued to wreak havoc in 2024, but new research shows that the amounts victims paid these cybercriminals fell by hundreds of millions of dollars.

Security Latest – ​Read More

Russian Hackers Exploited 7-Zip Zero-Day Against Ukraine

/in

Russian threat groups have been observed exploiting a zero-day vulnerability in 7-Zip against Ukrainian entities.

The post Russian Hackers Exploited 7-Zip Zero-Day Against Ukraine appeared first on SecurityWeek.

SecurityWeek – ​Read More

Chrome 133, Firefox 135 Patch High-Severity Vulnerabilities

/in

Chrome 133 and Firefox 135 were released with patches for multiple high-severity memory safety vulnerabilities.

The post Chrome 133, Firefox 135 Patch High-Severity Vulnerabilities appeared first on SecurityWeek.

SecurityWeek – ​Read More

Hackers Using Fake Microsoft ADFS Login Pages to Steal Credentials

/in

A global phishing campaign is actively exploiting a legacy Microsoft authentication system to steal user credentials and bypass multi-factor authentication (MFA), targeting over 150 organizations.

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

Router maker Zyxel tells customers to replace vulnerable hardware exploited by hackers

/in

The Taiwanese hardware maker says it has no plans patch the flaws impacting legacy router models

© 2024 TechCrunch. All rights reserved. For personal use only.

Security News | TechCrunch – ​Read More

CISA Issues Exploitation Warning for .NET Vulnerability

/in

CISA has added CVE-2024-29059, a flaw affecting Microsoft .NET, to its Known Exploited Vulnerabilities catalog.

The post CISA Issues Exploitation Warning for .NET Vulnerability appeared first on SecurityWeek.

SecurityWeek – ​Read More

Zyxel Issues ‘No Patch’ Warning for Exploited Zero-Days

/in

Multiple Zyxel legacy DSL CPE products are affected by exploited zero-day vulnerabilities that will not be patched.

The post Zyxel Issues ‘No Patch’ Warning for Exploited Zero-Days appeared first on SecurityWeek.

SecurityWeek – ​Read More

CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog, Urges Fixes by Feb 25

/in

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.
The list of vulnerabilities is as follows –

CVE-2024-45195 (CVSS score: 7.5/9.8) – A forced browsing vulnerability in Apache OFBiz that allows a remote attacker to obtain unauthorized

The Hacker News – ​Read More

Researchers warn of risks tied to abandoned cloud storage buckets

/in

Cloud storage tools used by military, government and even cybersecurity organizations around the world have been left abandoned by their users, exposing them to a wide variety of security risks.

The Record from Recorded Future News – ​Read More