Month: September 2024
Sep 12, 2024Ravie LakshmananCryptocurrency / Network Security Internet-exposed Selenium Grid instances are being targeted by bad actors for illicit cryptocurrency mining and proxyjacking campaigns. “Selenium Grid is a server that facilitates running test cases in parallel across different browsers and versions,” Cado Security researchers Tara Gould and Nate Bill said in an analysis published today.…
Read MoreSep 12, 2024Ravie LakshmananRegulatory Compliance / Data Protection The Irish Data Protection Commission (DPC) has announced that it has commenced a “Cross-Border statutory inquiry” into Google’s foundational artificial intelligence (AI) model to determine whether the tech giant has adhered to data protection regulations in the region when processing the personal data of European users. “The…
Read MoreIraqi government networks have emerged as the target of an “elaborate” cyber attack campaign orchestrated by an Iran state-sponsored threat actor called OilRig. The attacks singled out Iraqi organizations such as the Prime Minister’s Office and the Ministry of Foreign Affairs, cybersecurity company Check Point said in a new analysis. OilRig, also called APT34, Crambus,…
Read MoreSep 12, 2024The Hacker NewsThreat Intelligence / Cybercrime Cato CTRL (Cyber Threats Research Lab) has released its Q2 2024 Cato CTRL SASE Threat Report. The report highlights critical findings based on the analysis of a staggering 1.38 trillion network flows from more than 2,500 of Cato’s global customers, between April and June 2024. Key Insights…
Read MoreScams Learn about the main tactics used by scammers impersonating Best Buy’s tech support arm and how to avoid falling for their tricks 11 Sep 2024 • , 5 min. read For three decades, Geek Squad has been a trusted name in tech for anyone needing IT support. The Best Buy subsidiary dispenses diagnostics, repairs…
Read MoreSep 12, 2024Ravie LakshmananWeb Security / Content Management WordPress.org has announced a new account security measure that will require accounts with capabilities to update plugins and themes to activate two-factor authentication (2FA) mandatorily. The enforcement is expected to come into effect starting October 1, 2024. “Accounts with commit access can push updates and changes to…
Read MoreMS-ISAC ADVISORY NUMBER: 2024-101 DATE(S) ISSUED: 09/11/2024 OVERVIEW: Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated…
Read More‘Throughout Fiscal 2025, we remain committed to disciplined cost management … We anticipate these actions will result in a continued reduction in our overall headcount,” the company stated in a quarterly business filing with the SEC. Layoffs at Dell Technologies are expected to be an ongoing part of business with more cuts expected before the…
Read MoreMembers of the North Korean hacker group Lazarus posing as recruiters are baiting Python developers with coding test project for password management products that include malware. The attacks are part of the ‘VMConnect campaign’ first detected in August 2023, where the threat actors targeted software developers with malicious Python packages uploaded onto the PyPI repository.…
Read More‘Let’s get it cleared,’ ServiceNow CEO Bill McDermott told a room of partners. ‘Let’s put trust to work. It’s all good. And let’s go for growth.’ ServiceNow CEO Bill McDermott told a room of partners that he doesn’t “want silly little stuff like comp and coverage” getting in the way of the vendor and its…
Read MoreRecent Posts
- Bob Sullivan Discovers a Scam That Strikes Twice
- A Vulnerability in Apache Struts2 Could Allow for Remote Code Execution
- CISA Adds One Known Exploited Vulnerability to Catalog | CISA
- Xerox To Buy Lexmark For $1.5B In Blockbuster Print Deal
- Vulnerability Summary for the Week of December 16, 2024 | CISA