CUPS vulnerabilities could be abused for DDoS attacks
While the Common UNIX Printing System (CUPS) vulnerabilities recently disclosed by researcher Simone “evilsocket” Margaritelli are not easily exploited for remote command execution on vulnerable systems, they could offer more opportunity.....»»
Organizations turn to biometrics to counter deepfakes
The risk of deepfakes is rising with 47% of organizations having encountered a deepfake and 70% of them believing deepfake attacks which are created using generative AI tools, will have a high impact on their organizations, according to iProov. Perce.....»»
Security flaws in Microsoft Mac apps could let attackers spy on users
Cisco Talos recently uncovered security vulnerabilities in several Microsoft apps for macOS that can potentially let attackers spy on your camera and other system components.Security flaws found in Microsoft apps for MacTalos claims to have found eig.....»»
Common API security issues: From exposed secrets to unauthorized access
Despite their role in connecting applications and driving innovation, APIs often suffer from serious security vulnerabilities. Recent investigations reveal that many organizations are struggling with exposed secrets such as passwords and API keys, wh.....»»
Protecting academic assets: How higher education can enhance cybersecurity
Cyber attacks against higher education institutions increased by 70% in 2023. This is largely due to legacy endpoint security management and practices, limited IT support staff, and overwhelming amounts of data, much of which is PII (personally ident.....»»
Critical Start helps organizations reduce cyber risk from vulnerabilities
Critical Start announced Critical Start Vulnerability Management Service (VMS) and Vulnerability Prioritization. These new offerings are a foundational pillar of Managed Cyber Risk Reduction, allowing organizations to assess, manage, prioritize, and.....»»
Unlearning the RaaS Model: How ransomware attacks are evolving
Unlearning the RaaS Model: How ransomware attacks are evolving.....»»
DDoS attack volume rises, peak power reaches 1.7 Tbps
The total number of DDoS attacks during H1 2024 amounted to 830,000, an increase of 46% when compared to H1 2023, according to Gcore. Peak attack power rose from 1.6 terabits per second (Tbps) in H2 2023 to 1.7 Tbps. DDoS attacks hit Gaming, tech, fi.....»»
Current attacks, targets, and other threat landscape trends
In this Help Net Security video, Kendall McKay, Strategic Lead, Cyber Threat Intelligence at Cisco Talos, discusses the trends that Cisco Talos incident response observed in incident response engagements from Q2 2024, which covers April to June. Whil.....»»
Microsoft fixes 6 zero-days under active attack
August 2024 Patch Tuesday is here, and Microsoft has delivered fixes for 90 vulnerabilities, six of which have been exploited in the wild as zero-days, and four are publicly known. The zero-days under attack CVE-2024-38178 is a Scripting Engine Memor.....»»
Lawsuit Attacks Florida’s Lab-Grown Meat Ban as Unconstitutional
Upside Foods, a leading cultivated-meat company, argues that the ban violates the US Constitution in several ways......»»
Apple makes India withdraw its antitrust accusations
India's antitrust regulator is backtracking from its accusations against Apple and the App Store because of a legal technicality.India says Apple has abused its dominant market share of iOS appsIn 2021, the Competition Commission of India (CCI) began.....»»
The role of employee awareness in preventing supply chain attacks
The role of employee awareness in preventing supply chain attacks.....»»
74% of ransomware victims were attacked multiple times in a year
An alarming trend toward multiple, sometimes simultaneous cyber attacks forces business leaders to re-evaluate their cyber resilience strategies to address common points of failure, including inadequate identity system backup and recovery practices,.....»»
Critical 1Password flaws may allow hackers to snatch your passwords (CVE-2024-42219, CVE-2024-42218)
Two vulnerabilities (CVE-2024-42219, CVE-2024-42218) affecting the macOS version of the popular 1Password password manager could allow malware to steal secrets stored in the software’s vaults and obtain the account unlock key, AgileBits has con.....»»
Malware-as-a-Service and Ransomware-as-a-Service lower barriers for cybercriminals
The sophistication of cyber threats has escalated dramatically, with malicious actors’ deploying advanced tactics, techniques, and procedures (TTPs) to exploit vulnerabilities and evade detection, according to Darktrace. Subscription-based tools su.....»»
This Windows Update exploit is downright terrifying
A new tool called Windows Downdate can trick your PC into thinking that it's fully patched, all the while exposing you to dangerous vulnerabilities......»»
5G network flaws could be abused to let hackers spy on your phone
Researchers have developed a tool to sniff out 5G vulnerabilities, and even gain access to a victim's device......»»
Securonix and Cribl partner to enhance threat detection with advanced data integration
Securonix and Cribl announced a strategic partnership focused on providing customers with enhanced threat detection, based on a broader range of enterprise data being analyzed for AI-powered attacks. Securonix recently announced Securonix EON with a.....»»
“Perfect” Windows downgrade attack turns fixed vulnerabilities into zero-days
A researcher has developed a downgrade attack that can make Windows machines covertly, persistently and irreversibly vulnerable, even if they were fully patched before that. A downgrade attack exploiting the Windows Update process The direction of Sa.....»»
AI security 2024: Key insights for staying ahead of threats
In this Help Net Security interview, Kojin Oshiba, co-founder of Robust Intelligence, discusses his journey from academic research to addressing AI security challenges in the industry. Oshiba highlights vulnerabilities in technology systems and the p.....»»