Vulnerability in Ghostscript (CVE-2024-29510) allows attackers to bypass sandbox for remote code execution.
The post Attackers Exploiting Remote Code Execution Vulnerability in Ghostscript appeared first on SecurityWeek.
SecurityWeek – Read More
With Living Off the Cloud (LOTC) attacks, hackers abuse APIs of trusted cloud services to remotely control botnets but also to make malicious traffic appear as trusted cloud traffic.
The post Cloudy with a Chance of Cyberattack: Understanding LOTC Attacks and How ZTNA Can Prevent Them appeared first on SecurityWeek.
SecurityWeek – Read More
Europol is proposing solutions to address challenges posed by privacy-enhancing technologies in Home Routing that impede law enforcement’s ability to intercept communications in criminal investigations.
Cyware News – Latest Cyber News – Read More
Exploiting these flaws could allow attackers to execute arbitrary commands, read source code, and gain unauthorized access. The vulnerabilities require authentication, with one flaw specifically requiring the built-in SSH server to be enabled.
Cyware News – Latest Cyber News – Read More
Vinted, a prominent online platform for second-hand sales, has been fined €2,385,276 ($2,582,730) for violating the EU’s General Data Protection Regulation (GDPR) by not properly handling personal data deletion requests.
Cyware News – Latest Cyber News – Read More
The expanding attack surface, with over 15 billion connected devices worldwide, raises concerns about privacy breaches for users. The average home now has 21 connected devices, facing more than 10 daily cyberattacks.
Cyware News – Latest Cyber News – Read More
Cloud resources are increasingly targeted by cyberattacks, with SaaS applications, cloud storage, and cloud management infrastructure being the top categories of attack, according to Thales.
Cyware News – Latest Cyber News – Read More
The malware has evolved into multiple versions, with GootLoader 3 being the latest one in use. Despite updates to the payload, the infection strategies have remained consistent since its resurgence in 2020.
Cyware News – Latest Cyber News – Read More
Four unpatched security flaws, including three critical ones, have been disclosed in the Gogs open-source, self-hosted Git service that could enable an authenticated attacker to breach susceptible instances, steal or wipe source code, and even plant backdoors.
The vulnerabilities, according to SonarSource researchers Thomas Chauchefoin and Paul Gerste, are listed below –
CVE-2024-39930 (CVSS
The Hacker News – Read More
Team ARXU gained recognition earlier this year for targeting Romania over its support for Israel. The hacker group has a history of cyberattacks against Israel and its allies.
Cyware News – Latest Cyber News – Read More