Active Exploitation of High-Severity Vulnerability in Ivanti’s Cloud Service Appliance (CSA) CVE-2024-8190
Threat actors are actively exploiting a high-severity vulnerability in Ivanti’s Cloud Service Appliance (CSA) CVE-2024-8190, allowing for remote code execution and unauthorized access to affected systems.
View full story…
Major Tech Companies Collaborate with US Government to Combat Image-Based Sexual Abuse
Major tech companies, including Adobe, Microsoft, and OpenAI, partner with the US government to address image-based sexual abuse, such as non-consensual intimate images and AI deepfakes.
View full story…
Meta Platforms Resumes Data Scraping Plans in UK for AI Training
Meta Platforms will scrape public Facebook and Instagram user posts in the UK to train generative AI models, sparking concerns about privacy and data protection.
View full story…
Google Addresses Critical Security Flaw in Cloud Composer Service, Mitigating Remote Code Execution Threats
Google patched a critical security flaw in its Cloud Composer service, known as CloudImposer, which could have allowed threat actors to execute remote code on Google Cloud Platform servers.
View full story…
23andMe Data Breach Exposes 6.9 Million Customers’ Personal Information, Leads to $30 Million Settlement
A data breach at 23andMe in April 2023 exposed the personal information of 6.9 million customers, leading to a class-action lawsuit and a $30 million settlement.
View full story…
Apple Drops Lawsuit Against NSO Group Over Pegasus Spyware Concerns
Apple withdraws legal action against NSO Group, citing risks of exposing critical threat intelligence information related to Pegasus spyware.
View full story…
Latest Cybernews
New Linux Malware Campaign Hadooken Targets Misconfigured Oracle WebLogic Servers
Cybersecurity researchers uncover Hadooken malware exploiting vulnerabilities to deploy cryptocurrency miner and DDoS botnet on compromised endpoints.
View full story…
New Android Banking Trojan TrickMo Targets German Users with Advanced Evasion Techniques
A new variant of the Android banking trojan TrickMo, associated with the TrickBot e-crime gang, targets Android devices in Germany and employs advanced evasion techniques to avoid detection and analysis.
View full story…
Say Goodbye to Phishing: How Beyond Identity and Impress IT Solutions are Eliminating Credential Theft
Beyond Identity and Impress IT Solutions offer deterministic defenses using public-private key cryptography and secure enclaves to prevent credential theft and verifier impersonation, providing reliable protection against unauthorized access.
View full story…
Microsoft Hosts Windows Endpoint Security Ecosystem Summit to Address Security Concerns
Microsoft hosts summit with security experts and partners to enhance security capabilities in Windows 11 following global IT outage caused by faulty update from CrowdStrike.
View full story…
$65 Million Settlement Reached in LVHN Ransomware Attack Class Action Lawsuit
A settlement has been reached in a class action lawsuit against Lehigh Valley Health Network in Pennsylvania, related to a ransomware attack that exposed sensitive patient data and nude photographs online.
View full story…
Security Flaw in Apple’s Vision Pro Mixed Reality Headset Allows Hackers to Track Users’ Eye Movements
Researchers discover GAZEploit exploit in Vision Pro headset, enabling hackers to decipher passwords and messages typed with the eyes.
View full story…
Critical Vulnerabilities in Progress Software WhatsUp Gold Exploited by Malicious Actors, Leading to Potential Ransomware Attacks
Malicious actors have been exploiting critical vulnerabilities in Progress Software WhatsUp Gold since August 30, 2024, leading to potential ransomware attacks and the installation of remote administration tools on Windows hosts.
View full story…