Security researchers reverse-engineered Apple’s recent iOS 17.5.1 update and found that a recent bug that restored images deleted months or even years ago was caused by an iOS bug and not an issue with iCloud. Despite widespread reports from users and tech outlets confirming the alarming issue, Apple remained silent about the root cause, failing to…

Read More

The United Kingdom’s Information Commissioner Office (ICO) intends to impose a fine of £750,000 ($954,000) on the Police Service of Northern Ireland (PSNI) for exposing the entire workforce’s personal details by mistakenly publishing a spreadsheet online. PSNI disclosed the incident on August 8, 2023, when the police force warned that a mistake occurred during a…

Read More

“So once the acquisition closes, our partners will have the opportunity to join Palo Alto Networks’ partner program, if they’re not already part of that, so they will be able to then sell Palo Alto’s Cortex XSIAM,” IBM’s Channel Chief Kate Woolley tells CRN. IBM and Palo Alto Networks are working together to make sure…

Read More

The company says the acquisition of Informer will help with automating the identification of exposed assets. Bugcrowd unveiled the acquisition of a decade-old provider of external attack surface management capabilities, Informer, in the latest in a series of acquisitions in the space. Terms of the acquisition weren’t disclosed. Informer has 15 employees, Bugcrowd told CRN.…

Read More

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog…

Read More

Rockwell Automation has released guidance encouraging users to remove connectivity on all Industrial Control Systems (ICS) devices connected to the public-facing internet to reduce exposure to unauthorized or malicious cyber activity.  Users and administrators are encouraged review the following Rockwell Automation notice for more information:  Source link lol

Read More

May 23, 2024NewsroomCyber Espionage / Network Security The China-linked threat actor known as Sharp Panda has expanded their targeting to include governmental organizations in Africa and the Caribbean as part of an ongoing cyber espionage campaign. “The campaign adopts Cobalt Strike Beacon as the payload, enabling backdoor functionalities like C2 communication and command execution while…

Read More

CISA released one Industrial Control Systems (ICS) advisory on May 23, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations. Source link lol

Read More

“This is something that worries, above all, the smaller players who are struggling with how to solve it. Do they have to be staffed 24/7? The larger players who are used to tough regulations cope better,” says Rönn. And even though the time to prepare for DORA is running out, not all technical regulations have…

Read More

Fake code, inflated prices Researchers at CloudSEK analyzed approximately 25,000 posts on Telegram, many of which claimed to sell authentic Pegasus code, the statement added. These posts often followed a common template offering illicit services, with frequent mention of Pegasus and NSO tools. CloudSEK researchers went a step further, engaging with over 150 potential sellers.…

Read More