Pixel Phone Zero-Days Exploited by Forensic Firms

/in

Google this week patched two Pixel phone zero-day vulnerabilities actively exploited by forensic companies to obtain data from devices.

The post Pixel Phone Zero-Days Exploited by Forensic Firms appeared first on SecurityWeek.

SecurityWeek – ​Read More

Get a Lifetime of VPN Protection for Just $16

/in

During a special sale event, you can get an extra 20% off our already discounted price on RealVPN, bringing it down to just $16 for life. Use code SECURE20 at checkout.

Security | TechRepublic – ​Read More

New HTTP/2 DoS Attack Potentially More Severe Than Record-Breaking Rapid Reset

/in

New HTTP/2 DoS method named Continuation Flood can pose a greater risk than Rapid Reset, which has been used for record-breaking attacks.

The post New HTTP/2 DoS Attack Potentially More Severe Than Record-Breaking Rapid Reset appeared first on SecurityWeek.

SecurityWeek – ​Read More

Zoom Paid Out $10 Million via Bug Bounty Program Since 2019

/in

Video conferencing giant Zoom has paid out $10 million through its bug bounty program since it was launched in 2019.

The post Zoom Paid Out $10 Million via Bug Bounty Program Since 2019 appeared first on SecurityWeek.

SecurityWeek – ​Read More

Magento Shoplift Malware Targets Both WordPress and Magento CMS on E-Commerce Sites

/in

While it pretends to be a Google Analytics script, this is merely a distraction from the true nature of the credit card skimming JavaScript code snippet embedded in the infected website.

Cyware News – Latest Cyber News – ​Read More

Google Fixed Another Chrome Zero-Day Exploited at Pwn2Own

/in

The vulnerability CVE-2024-3159 is an out-of-bounds memory access in the V8 JavaScript engine. The flaw was demonstrated by Edouard Bochin (@le_douds) and Tao Yan (@Ga1ois) of Palo Alto Networks during the Pwn2Own 2024 on March 22, 2024.

Cyware News – Latest Cyber News – ​Read More

Rhadamanthys Stealer Delivered in Transportation Campaign

/in

The phishing emails use a unique vehicle incident lure and, in later stages of the infection chain, spoof the Federal Bureau of Transportation in a PDF that mentions a significant fine for the incident.

Cyware News – Latest Cyber News – ​Read More

A Vigilante Hacker Took Down North Korea’s Internet. Now He’s Taking Off His Mask

/in

As “P4x,” Alejandro Caceres single-handedly disrupted the internet of an entire country. Then he tried to show the US military how it can—and should—adopt his methods.

Security Latest – ​Read More

Unveiling the Fallout: Operation Cronos’ Impact on LockBit Following Landmark Disruption

/in

Contrary to what the group themselves have stated, activities observed post-disruption would indicate that Operation Chronos has a significant impact on the group’s activities.

Cyware News – Latest Cyber News – ​Read More

Microsoft’s Security Chickens Have Come Home to Roost

/in

News analysis:  SecurityWeek editor-at-large Ryan Naraine reads the CSRB report on China’s audacious Microsoft’s Exchange Online hack and isn’t at all surprised by the findings.

The post Microsoft’s Security Chickens Have Come Home to Roost appeared first on SecurityWeek.

SecurityWeek – ​Read More