The updated version of KmsdBot malware incorporates Telnet scanning functionality and expanded CPU architecture support, posing a significant threat to the security of IoT devices.
Financial services companies, including TD Ameritrade, Charles Schwab, and Prudential, are being sued for failing to secure personally identifiable information (PII) and negligence in protecting customer data following a zero-day vulnerability breach in MOVEit software, which compromised sensitive financial data of numerous organizations and impacted at least 49 million to 54 million individuals worldwide.
Chinese hackers known as UNC4841 have compromised Barracuda email security appliances, including those that have been patched against the recently disclosed zero-day vulnerability, posing a significant risk to users and requiring immediate action.
Concerns have emerged regarding bias in AI algorithms and its effect on the fairness of security systems in enterprise cloud environments.
Researchers from Secureworks Counter Threat Unit (CTU) discovered a critical vulnerability in Microsoft’s Power Platform via the Azure Active Directory (AD) environment, allowing attackers to exploit an abandoned reply URL and gain access tokens and elevated privileges.
Cybercriminals are using creative methods to diversify their QakBot malware attacks, connecting different blocks together to create unique infection chains and bypassing detection tools and security policies.
