Ivanti Researchers Report Two Critical Zero-Day Vulnerabilities

Patches will be available in late January and February, but until then, customers must take mitigation measures.

darkreading – ​Read More

The Future of IT: Info-Tech LIVE 2024 Conference Announced for September

Info-Tech Research Group has announced the return of Info-Tech LIVE for 2024, an event for IT leaders, exhibitors, and media to explore emerging technology trends and innovative insights.

darkreading – ​Read More

Volt Typhoon Ramps Up Malicious Activity Against Critical Infrastructure

The Chinese state-sponsored APT has compromised as many as 30% of Cisco legacy routers on a SOHO botnet that multiple threat groups use.

darkreading – ​Read More

OpenAI’s New GPT Store May Carry Data Security Risks

Third-party developers of custom GPTs (mostly) aren’t able to see your chats, but they can access, store, and potentially utilize some other kinds of personal data you share.

darkreading – ​Read More

Move Over, APTs: Cybercriminals Now Target Critical Infrastructure Too

Danish energy sector attacks attributed to Russia’s Sandworm APT turn out to be the work of a new concern: cyber opportunists.

darkreading – ​Read More

Act Now: CISA Flags Active Exploitation of Microsoft SharePoint Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security vulnerability impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
The issue, tracked as CVE-2023-29357 (CVSS score: 9.8), is a privilege escalation flaw that could be exploited by an attacker to gain

The Hacker News – ​Read More

Mandiant, SEC Lose Control of X Accounts Without 2FA

Crypto hacks on Mandiant and SEC X accounts are the predictable result of the social media platform’s upcharge for basic cybersecurity protections, experts say.

darkreading – ​Read More

Researchers Flag FBot Hacking Tool Hijacking Cloud, Payment Services

The tool, called FBot, is capable of credential harvesting for spamming attacks, and AWS, PayPal and SaaS account hijacking.

The post Researchers Flag FBot Hacking Tool Hijacking Cloud, Payment Services appeared first on SecurityWeek.

SecurityWeek – ​Read More

Singapore’s guidelines to bolster mobile app security are optional – for now

The recommended standard offers a common benchmark for app developers on the necessary security controls and best practices to better safeguard users against common malware and phishing attacks.

Latest stories for ZDNET in Security – ​Read More

Mandiant: X Account Hacked in Brute-Force Attack Linked to ClinkSink Campaign

By Waqas

Mandiant had its X account (formerly Twitter) hacked on January 3rd, 2024.

This is a post from HackRead.com Read the original post: Mandiant: X Account Hacked in Brute-Force Attack Linked to ClinkSink Campaign

Hackread – Latest Cybersecurity News, Press Releases & Technology Today – ​Read More