Critical vulnerabilities have been found within Cinterion cellular modems. Disclosed during a Kaspersky presentation at OffensiveCon in Berlin on May 11, these flaws could allow remote attackers to execute arbitrary code, posing a significant threat to the integrity of millions of industrial devices reliant on these modems. The identified vulnerabilities, including CVE-2023-47610, highlight severe security weaknesses within
“When I talk about climate change with people, I spend hardly any time on the science of climate change,” says Katharine Hayhoe, a leading climate science communicator and a speaker at Starmus Earth: The Future of Our Home Planet. The festival is almost here, and we’re delighted to publish an extensive interview with Dr. Hayhoe
May 13, 2024The Hacker NewsThreat Detection / SoC / SIEM In the last decade, there has been a growing disconnect between front-line analysts and senior management in IT and Cybersecurity. Well-documented challenges facing modern analysts revolve around a high volume of alerts, false positives, poor visibility of technical environments, and analysts spending too much time
Cybersecurity professionals have an urgent duty to secure AI tools, ensuring these technologies are only used for social good, was a strong message at the RSA Conference 2024. AI bring enormous promise in the real-world setting, such as diagnosing health conditions faster and with more accuracy. However, with the pace of innovation and adoption of
Digital Security Can AI effortlessly thwart all sorts of cyberattacks? Let’s cut through the hyperbole surrounding the tech and look at its actual strengths and limitations. Cameron Camp 09 May 2024 • , 3 min. read Predictably, this year’s RSA Conference is buzzing with the promise of artificial intelligence – not unlike last year, after
May 10, 2024NewsroomMalware / Cyber Espionage The North Korean threat actor tracked as Kimsuky has been observed deploying a previously undocumented Golang-based malware dubbed Durian as part of highly-targeted cyber attacks aimed at two South Korean cryptocurrency firms. “Durian boasts comprehensive backdoor functionality, enabling the execution of delivered commands, additional file downloads and exfiltration of
As cybercriminals and threat actors increase their tooling and capabilities, new sophisticated attack techniques are emerging and it is vital that defenders stay abreast of this evolution. Daniel Blackford, senior manager, threat research at Proofpoint, explained: “A lot of money is following into the hands of bad actors, they’re being very successful. That has allowed
Video More than 40,000 security experts descended on San Francisco this week. Let’s now look back on some of the event’s highlights – including the CISA-led ‘Secure by Design’ pledge also signed by ESET. 10 May 2024 That’s a wrap on this year’s RSA Conference! More than 40,000 security professionals descended on San Francisco this
The financially motivated threat actor known as FIN7 has been observed leveraging malicious Google ads spoofing legitimate brands as a means to deliver MSIX installers that culminate in the deployment of NetSupport RAT. “The threat actors used malicious websites to impersonate well-known brands, including AnyDesk, WinSCP, BlackRock, Asana, Concur, The Wall Street Journal, Workable, and
The UK’s AI Safety Institute has made its AI testing and evaluation platform available to the global AI community as of 10 May, 2024. The platform, called Inspect, is set to pave the way for the safe innovation of AI models, according to the AI Safety Institute and Department for Science, Innovation and Technology (DIST).
May 10, 2024NewsroomBrowser Security / Vulnerability Google on Thursday released security updates to address a zero-day flaw in Chrome that it said has been actively exploited in the wild. Tracked as CVE-2024-4671, the high-severity vulnerability has been described as a case of use-after-free in the Visuals component. It was reported by an anonymous researcher on
Global mobile banking malware has grown by 32% compared to 2022, according to data from Kaspersky’s latest annual Financial Threats Report for 2023. The report, published on May 6, highlighted a surge in attacks targeting Android users, with Afghanistan, Turkmenistan and Tajikistan experiencing the highest share of encounters with banking Trojans. Notably, Turkey leads in mobile
We Live Science, Video As Starmus Earth draws near, we caught up with Dr. Garik Israelian to celebrate the fusion of science and creativity and venture where imagination flourishes and groundbreaking ideas take flight 07 May 2024 Some time ago, we briefly spoke to Dr. Garik Israelian, one of the founders of the Starmus Festival,
May 09, 2024NewsroomFirewall / Network Security Two security vulnerabilities have been discovered in F5 Next Central Manager that could be exploited by a threat actor to seize control of the devices and create hidden rogue administrator accounts for persistence. The remotely exploitable flaws “can give attackers full administrative control of the device, and subsequently allow
Data breaches and device losses within UK government departments have potentially put the information of over 10,000 customers at risk. The findings come from Apricorn, a manufacturer of hardware-encrypted USB drives, based on a compilation of annual Freedom of Information (FOI) responses. Disclosed today, the figures reveal alarming statistics regarding breaches reported to the Information
Digital Security Their innocuous looks and endearing names mask their true power. These gadgets are designed to help identify and prevent security woes, but what if they fall into the wrong hands? Daniel Cunha Barbosa 06 May 2024 • , 5 min. read Can seemingly innocuous objects that feign the appearance of regular USB sticks,
״Defenders think in lists, attackers think in graphs,” said John Lambert from Microsoft, distilling the fundamental difference in mindset between those who defend IT systems and those who try to compromise them. The traditional approach for defenders is to list security gaps directly related to their assets in the network and eliminate as many as
The City of Wichita, Kansas, has confirmed it was hit by a ransomware attack over the weekend, prompting the shutdown of segments of its network. Wichita is the largest city in Kansas, with a population of 400,000, and is among the top 50 largest cities in the United States. The City revealed the assault with
May 07, 2024NewsroomOnline Security / Data Breach Google on Monday announced that it’s simplifying the process of enabling two-factor authentication (2FA) for users with personal and Workspace accounts. Also called, 2-Step Verification (2SV), it aims to add an extra layer of security to users’ accounts to prevent takeover attacks in case the passwords are stolen.
Businesses are being left vulnerable to a range of cybersecurity and privacy risks as 70% of business executives prioritize innovation over security when it comes to generative AI projects, according to a new report by IBM. The survey also found that less than a quarter (24%) of generative AI projects are being secured. This is
May 06, 2024NewsroomAndroid / Data Security Multiple security vulnerabilities have been disclosed in various applications and system components within Xiaomi devices running Android. “The vulnerabilities in Xiaomi led to access to arbitrary activities, receivers and services with system privileges, theft of arbitrary files with system privileges, [and] disclosure of phone, settings and Xiaomi account data,”
Microsoft’s research team has unearthed a concerning vulnerability pattern in numerous popular Android applications, posing significant security risks to billions of users worldwide. The identified vulnerability pattern, linked to path traversal, enables a malicious application to manipulate files within the vulnerable app’s home directory. The impact of this vulnerability reportedly extended to several widely used
Video Organizations that fall victim to a ransomware attack are often caught between a rock and a hard place, grappling with the dilemma of whether to pay up or not 03 May 2024 The Simone Veil hospital in Cannes, France – which fell victim to a disruptive ransomware attack two weeks ago – has announced
May 03, 2024The Hacker NewsLive Webinar / Server Security In today’s rapidly evolving digital landscape, the threat of Distributed Denial of Service (DDoS) attacks looms more significant than ever. As these cyber threats grow in sophistication, understanding and countering them becomes crucial for any business seeking to protect its online presence. To address this urgent
Indonesia has become a hub for spyware and surveillance tools that threaten citizens’ rights and privacy, Amnesty International has found. Building on existing research into the sale of surveillance technologies to Indonesia, the NGO has conducted a months-long investigation in collaboration with several media outlets in Switzerland, Greece, Israel and Indonesia. Amnesty International found evidence
Scams Once your crypto has been stolen, it is extremely difficult to get back – be wary of fake promises to retrieve your funds and learn how to avoid becoming a victim twice over Phil Muncaster 02 May 2024 • , 4 min. read It’s a nightmare scenario for any cryptocurrency user. You fall victim
Czechia and Germany on Friday revealed that they were the target of a long-term cyber espionage campaign conducted by the Russia-linked nation-state actor known as APT28, drawing condemnation from the European Union (E.U.), the North Atlantic Treaty Organization (NATO), the U.K., and the U.S. The Czech Republic’s Ministry of Foreign Affairs (MFA), in a statement,
North Korean threat actors are exploiting weak email policies to spoof legitimate domains during espionage phishing campaigns, a new US government advisory has warned. The FBI, the US Department of State and the National Security Agency (NSA) said North Korea-linked Kimsuky group is exploiting poorly configured DNS Domain-based Message Authentication, Reporting and Conformance (DMARC) protocols
May 03, 2024The Hacker NewsSaaS Security / Browser Security SaaS applications are dominating the corporate landscape. Their increased use enables organizations to push the boundaries of technology and business. At the same time, these applications also pose a new security risk that security leaders need to address, since the existing security stack does not enable
Sweden has faced a wave of distributed denial of service (DDoS) attacks since it started the process of joining NATO, according to network performance management provider Netscout. After a 500 Gbps attack against the Swedish government infrastructure in May 2023, DDoS attacks against Swedish organizations increased consistently, picking up significantly in late 2023 with 730
- « Previous Page
- 1
- …
- 10
- 11
- 12
- 13
- 14
- …
- 130
- Next Page »