By Deeba Ahmed
Pwn2Own is back!
This is a post from HackRead.com Read the original post: Pwn2Own 2024 Awards $700k as Hackers Pwn Tesla, Browsers, and More
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
These attachments, as per Microsoft Threat Intelligence’s blog post, contain malware that steals your login credentials, or they might redirect you to a fake website that looks like a legitimate tax platform designed to capture your information.
Cyware News – Latest Cyber News – Read More
Tarsal raises $6 million in a seed funding round led by Harpoon Ventures and Mango Capital and appoints new CTO.
The post Tarsal Raises $6 Million for Security Data Movement Platform appeared first on SecurityWeek.
SecurityWeek – Read More
AWS patches vulnerability that could have been used to hijack Managed Workflows Apache Airflow (MWAA) sessions via FlowFixation attack.
The post Vulnerability Allowed One-Click Takeover of AWS Service Accounts appeared first on SecurityWeek.
SecurityWeek – Read More
An Iran-linked hacking group claims to have breached the computer network of a sensitive Israeli nuclear installation in an incident declared by the ‘Anonymous’ hackers as a protest against the war in Gaza.
Cyware News – Latest Cyber News – Read More
In the UAE and Saudi Arabia, specifically, technology adoption has increased across the finance, healthcare, and manufacturing sectors, further boosting the need for cybersecurity and robust regulatory frameworks.
Cyware News – Latest Cyber News – Read More
AndroxGh0st is a malware that specifically targets Laravel applications. The malware scans and extracts login credentials linked to AWS and Twilio from environment files.
Cyware News – Latest Cyber News – Read More
Earlier this month, cybercriminals from the “Narwhal Spider” (aka TA544, Storm-0302) group masquerading as law firms tricked multiple companies into downloading initial access malware that may precede greater attacks down the line.
Cyware News – Latest Cyber News – Read More
The updated guidance replaces prior guidance that HHS OCR issued in December 2022 which warned that the use of online trackers that collect and transmit certain individually identifiable health information, constituted potential HIPAA violations.
Cyware News – Latest Cyber News – Read More
Atlassian has released patches for more than two dozen security flaws, including a critical bug impacting Bamboo Data Center and Server that could be exploited without requiring user interaction.
Tracked as CVE-2024-1597, the vulnerability carries a CVSS score of 10.0, indicating maximum severity.
Described as an SQL injection flaw, it’s rooted in a dependency called org.postgresql:
The Hacker News – Read More