8220 gang exploits old Oracle WebLogic vulnerability to deliver infostealers, cryptominers
The 8220 gang has been leveraging an old Oracle WebLogic Server vulnerability (CVE-2020-14883) to distribute malware, the Imperva Threat Research team has found. About 8220 Active since 2017, the 8220 gang has been known for deploying cryptocurrency.....»»
CISA starts CVE “vulnrichment” program
The US Cybersecurity and Infrastructure Agency (CISA) has announced the creation of “Vulnrichment,” a new project that aims to fill the CVE enrichment gap created by NIST National Vulnerability Database’s recent slowdown. NVD is fai.....»»
What’s the Newest iPad With a Headphone Jack?
One question we often get from people in the market for a new iPad is: “What is the newest iPad with a 3.5mm headphone jack?” The answer, while simple, just got a little more complicated. The ninth-generation iPad, or iPad 9, is the newes.....»»
I want to love Asus’ gaming earbuds, but there are problems
Asus' Cetra SpeedNova earbuds deliver what gamers are looking for thanks to ANC and a low latency connection. But there are a couple of big issues......»»
Google “Relaunches” the Pixel tablet at a More Affordable Price
It also ditches the magnetic charging speaker dock. The post Google “Relaunches” the Pixel tablet at a More Affordable Price appeared first on Phandroid. Some might say that the launch of the Pixel tablet was a bittersweet mome.....»»
Inpher SecurAI protects the privacy of user inputs on large language models
Inpher released SecurAI, a solution that protects the privacy and security of user inputs on large language models. This release of SecurAI leverages the NVIDIA H100 Tensor Core GPU for maximum speed and performance. “Enterprises need to harnes.....»»
Veeam fixes RCE flaw in backup management platform (CVE-2024-29212)
Veeam has patched a high-severity vulnerability (CVE-2024-29212) in Veeam Service Provider Console (VSPC) and is urging customers to implement the patch. About CVE-2024-29212 Veeam Service Provider Console is a cloud platform used by managed services.....»»
Accenture partners with Mandiant to improve cybersecurity operations
Accenture and Mandiant, part of Google Cloud, are teaming up to collaboratively deliver cyber resilience services to help organizations more efficiently detect, investigate, respond to and recover from cyberattacks. As part of the partnership, Accent.....»»
LockBit leader unmasked: US charges Russian national
Russian national Dmitry Khoroshev is “LockBitSupp”, the creator, developer and administator of the infamous LockBit ransomware group, according to UK, US and Australia law enforcement agencies. The US Justice Deparment has unsealed charge.....»»
Maker Spotlight: Rob Richards
While on an online exploration for potential exhibits for Maker Faire Bay Area 2024, I chanced upon Rob Richards and his forthcoming project, “Echoes of the Heart,” slated for Burning Man 2024. Intrigued, I reached out to learn more. Hai.....»»
BigID introduces dual-scanning capabilities for cloud native workloads
BigID has introduced a new advancement in cloud data security, privacy, and governance with the launch of its dual-scanning technology. BigID’s dual, or “hybrid”, scanning technology gives organizations speed, efficiency, and flexib.....»»
Apple"s new Photos app will utilize generative AI for image editing
A new teaser on Apple's website could be indicative of some of the company's upcoming software plans, namely a new version of its ubiquitous Photos app that will tap generative AI to deliver Photoshop-grade editing capabilities for the average consum.....»»
New Apple Pencil Might Be Called Apple Pencil Pro
Code discovered on Apple’s website in Japan might have confirmed the name of the company’s new Apple Pencil ahead of launch. The code, published by a user on X, references an unreleased accessory called “Apple Pencil Pro.” We,.....»»
Novel attack against virtually all VPN apps neuters their entire purpose
TunnelVision vulnerability has existed since 2002 and may already be known to attackers. Enlarge (credit: Getty Images) Researchers have devised an attack against nearly all virtual private network applications that forc.....»»
Microsoft warns of new Android app vulnerability
Microsoft has discovered a new Android app vulnerability that has the potential for malicious apps to rewrite existing apps. The post Microsoft warns of new Android app vulnerability appeared first on Phandroid. Due to the ever-evolving na.....»»
BlackBasta claims Synlab attack, leaks some stolen documents
The BlackBasta ransomware / cyber extortion gang is behind the recent cyber attack that resulted in the temporary shutdown of operations at Synlab Italia. The group claimed the attack on their leak site on Saturday and says they have exfiltrated appr.....»»
Bug hunters can get up to $450,000 for an RCE in Google’s Android apps
Google has drastically increased the rewards bug hunters can get for reporting vulnerabilities in Android apps it develops and maintains. “We increased reward amounts by up to 10x in some categories (for example Remote Arbitrary Code Execution.....»»
Apple’s iPad Event Gets More Exciting
Apple’s special “Let Loose” iPad event on May 7th recently got a bit more exciting. According to Bloomberg’s Mark Gurman, there’s a “strong possibility” the chip in the new iPad Pro will be the M4 instead of.....»»
Apple’s iPad Event Just Got a Lot More Exciting
Apple’s special “Let Loose” event on May 7th will focus on iPads, but you can expect Apple to make additional announcements at the showcase. In comments made to CNBC, Apple CEO Tim Cook says Apple has “big plans to announce” fro.....»»
Maximum-severity GitLab flaw allowing account hijacking under active exploitation
The threat is potentially grave because it could be used in supply-chain attacks. Enlarge A maximum severity vulnerability that allows hackers to hijack GitLab accounts with no user interaction required is now under act.....»»
Trend Micro expands AI-powered cybersecurity platform
Trend Micro launched significant additional AI-powered functionality in its platform to secure organizational use of AI and better manage the risks associated with mass adoption of new AI tools. “Great advancements in technology always come wit.....»»