Hybrid and Multi-Cloud Strategies Rise Amid Security Concerns
Organizations increasingly adopt hybrid and multi-cloud strategies for scalability and flexibility, yet face significant security and compliance challenges, with a notable skills gap in cloud security expertise.
View full story…
Fortinet Discloses Critical Zero-Day Vulnerability CVE-2024-55591
Fortinet has revealed a critical zero-day vulnerability, CVE-2024-55591, affecting its FortiGate firewalls and FortiOS systems, which allows unauthenticated remote attackers to gain super-admin privileges and execute unauthorized code.
View full story…
North Korean Threat Actor Nickel Tapestry Linked to Fraudulent Crowdfunding Campaigns
Research by Secureworks CTU reveals that Nickel Tapestry, a North Korean threat actor, orchestrated a fraudulent IndieGoGo campaign in 2016, raising $20,000 under false pretenses as part of a broader strategy to engage in various illicit money-making schemes.
View full story…
FBI Successfully Removes PlugX Malware From Over 4,000 Infected Systems
A collaborative operation led by the US Department of Justice and French authorities, in partnership with cybersecurity firm Sekoia.io, has successfully eradicated the PlugX malware, a remote access Trojan linked to the Chinese hacking group Mustang Panda, from thousands of computers worldwide.
View full story…
Microsoft Addresses 161 Security Vulnerabilities in January 2025 Patch Tuesday Update
Microsoft’s January 2025 Patch Tuesday update fixes 161 vulnerabilities, including three critical zero-day exploits affecting Hyper-V, which are currently under active exploitation.
View full story…
Latest Cybernews
Critical macOS Vulnerability CVE-2024-44243 Allows Root Privilege Bypass
Cybersecurity experts warn that the recently discovered CVE-2024-44243 vulnerability in macOS enables local attackers with root privileges to bypass System Integrity Protection, potentially leading to severe security breaches.
View full story…
Surge in Browser-Based Cyber Threats in 2024
In 2024, browser-based cyber threats have significantly increased, with drive-by downloads and malicious advertisements becoming prevalent, while traditional email-based malware delivery has declined.
View full story…
Biden-Harris Administration Introduces New AI Diffusion Rule
The Biden-Harris Administration has unveiled an Interim Final Rule aimed at enhancing national security by regulating the export of advanced computing chips and AI model weights while promoting responsible global diffusion of AI technology.
View full story…
Microsoft Releases Largest Patch Tuesday Update in January 2025, Fixing 159 Vulnerabilities
Microsoft’s January 2025 Patch Tuesday update addresses 159 vulnerabilities, including critical flaws in Windows Remote Desktop Services and Microsoft Outlook, with several actively exploited vulnerabilities requiring immediate attention.
View full story…
Barings Law Leads Class Action Against Google and Microsoft Over Data Misuse
Barings Law is representing 15,000 claimants in a class action lawsuit against Google and Microsoft, accusing them of unauthorized use of personal data to train AI models without user consent.
View full story…
CISA Reports Significant Improvements in Cybersecurity for Critical Infrastructure
Critical national infrastructure providers have achieved notable reductions in remediation times for known exploited vulnerabilities, with a 50% decrease for critical-severity issues and a 25% decrease for high-severity issues since 2022, despite a rising threat landscape marked by increased ransomware attacks.
View full story…
Latest Cybernews
Growing Cyber Inequity Intensified by Complex Landscape
The World Economic Forum report highlights that the increasing complexity of the cyber landscape exacerbates disparities between developed and emerging economies, with significant impacts on organizational resilience and a growing cyber skills gap.
View full story…
Microsoft Sues Foreign Threat Group Over AI Exploitation
Microsoft has initiated legal action against an unidentified foreign threat group for exploiting its AI technologies to create harmful content and offering “hacking-as-a-service” to other criminals.
View full story…