Log4Shell Exploited To Infect VMware Horizon Servers With Backdoors, Crypto Miners
An anonymous reader quotes a report from ZDNet: The Log4Shell vulnerability is being actively exploited to deliver backdoors and cryptocurrency miners to vulnerable VMware Horizon servers. On Tuesday, Sophos cybersecurity researchers said the attacks.....»»
Business and tech consolidation opens doors for cybercriminals
Cyber threats continued to intensify in the first half of 2024 as cybercriminals exploited security gaps from growing business and technological consolidation, according to Resilience. Consolidation in business and tech fuels new third-party risks Re.....»»
Understanding Apple"s on-device and server foundation models
Apple announced new AI language models at WWDC. These models run both locally on Apple devices and on Apple's own Apple Silicon-powered AI servers.Siri icon in a datacenterArtificial Intelligence (AI) relies on language models which provide knowledge.....»»
Ahead of iPhone 16, AI demand boosts Apple supplier Foxconn"s profits
Foxconn, Apple's iPhone 16 manufacturer has reported a fourth consecutive quarter of profit increases, which it credits to demand for AI servers.Workers in a Foxconn factoryFor the previous quarter, Foxconn's increased profits came from better than e.....»»
Microsoft fixes 6 zero-days under active attack
August 2024 Patch Tuesday is here, and Microsoft has delivered fixes for 90 vulnerabilities, six of which have been exploited in the wild as zero-days, and four are publicly known. The zero-days under attack CVE-2024-38178 is a Scripting Engine Memor.....»»
FBI claims success in taking down another major ransomware group
Law enforcement seized dozens of servers belonging to Radar, but no one was arrested......»»
International investigation shuts down Radar/Dispossessor ransomware group
FBI Cleveland announced the disruption of “Radar/Dispossessor”—the criminal ransomware group led by the online moniker “Brain”—and the dismantling of three U.S. servers, three United Kingdom servers, 18 German servers, eight U.....»»
Browser backdoors: Securing the new frontline of shadow IT
Browser extensions are a prime target for cybercriminals. And this isn’t just a consumer problem – it’s a new frontier in enterprises’ battle against shadow IT. Ultimately, more extension permissions result in potentially bigger attack su.....»»
Solid-state EV batteries just over the horizon for mass market
Solid-state batteries promise big jumps in energy density and charging, but they're still not ready for mass commercialization......»»
Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200)
A new MS Office zero-day vulnerability (CVE-2024-38200) can be exploited by attackers to grab users’ NTLM hashes, Microsoft has shared late last week. The vulnerability is exploitable remotely and requires no special privileges or user interact.....»»
“0.0.0.0-Day” vulnerability affects Chrome, Safari and Firefox
A “0.0.0.0-Day” vulnerability affecting Chrome, Safari and Firefox can be – and has been – exploited by attackers to gain access to services on internal networks, Oligo Security researchers have revealed. The vulnerability ste.....»»
Prompt injection attack on Apple Intelligence reveals a flaw, but is easy to fix
A prompt injection attack on Apple Intelligence reveals that it is fairly well protected from misuse, but the current beta version does have one security flaw which can be exploited. However, the issue would be very easy for the company to fix, so.....»»
Treatments for ‘Brain-Eating’ Amoebas Are on the Horizon
New drugs may help patients with life-threatening "brain-eating" amoeba infections.....»»
What Happened in Crypto Today: Bullish Signals Are Finally Emerging!
What Happened in Crypto Today: Bullish Signals Are Finally Emerging!.....»»
An 18-year-old Safari loophole exploited by hackers is finally being fixed by Apple
There’s a pesky loophole lurking in every major browser, including Apple’s Safari, Google Chrome, and Mozilla Firefox, that hackers have been exploiting for the past … The post An 18-year-old Safari loophole exploited by hackers is.....»»
Big utilization drop for North American auto factories on the horizon as EV production begins
Automakers will build less than two-thirds of their vehicle assembly capacity in 2030, according to GlobalData......»»
Roundcube flaws allow easy email account compromise (CVE-2024-42009, CVE-2024-42008)
Two cross-site scripting vulnerabilities (CVE-2024-42009, CVE-2024-42008) affecting Roundcube could be exploited by attackers to steal users’ emails and contacts, email password, and send emails from their account. About the vulnerabilities Rou.....»»
Critical Apache OFBiz pre-auth RCE flaw fixed, update ASAP! (CVE-2024-38856)
CVE-2024-38856, an incorrect authorization vulnerability affecting all but the latest version of Apache OFBiz, may be exploited by remote, unauthenticated attackers to execute arbitrary code on vulnerable systems. About CVE-2024-38856 Apache OFBiz is.....»»
Week in review: VMware ESXi zero-day exploited, SMS Stealer malware targeting Android users
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Why a strong patch management strategy is essential for reducing business risk In this Help Net Security interview, Eran Livne, Senior Director of P.....»»
Coinfecting viruses obstruct each other"s cell invasion
The process by which phages—viruses that infect and replicate within bacteria—enter cells has been studied for over 50 years. In a new study, researchers from the University of Illinois Urbana-Champaign and Texas A&M University have used cutting-.....»»
Multi-state Apple fraud ring exposed by DHS after routine traffic stop
The Department of Homeland Security busted a sophisticated counterfeiting operation where fraudsters exploited retail return policies to swap genuine Apple products with counterfeit devices nationwide.The Department of Homeland SecurityChalvin Tan wa.....»»