Aug 21, 2024Ravie LakshmananWordPress / Cybersecurity A maximum-severity security flaw has been disclosed in the WordPress GiveWP donation and fundraising plugin that exposes more than 100,000 websites to remote code execution attacks. The flaw, tracked as CVE-2024-5932 (CVSS score: 10.0), impacts all versions of the plugin prior to version 3.14.2, which was released on August…
Read More
Toyota confirmed that customer data was exposed in a third-party data breach after a threat actor leaked an archive of 240GB of stolen data on a hacking forum. “We are aware of the situation. The issue is limited in scope and is not a system wide issue,” Toyota told BleepingComputer when asked to validate the…
Read More
The Cannon Corporation dba CannonDesign is sending notices of a data breach to more than 13,000 of its clients, informing that hackers breached and stole data from its network in an attack in early 2023. CannonDesign is a multi-awarded architectural, engineering, and consulting firm based in the United States, recognized for its work on high-profile projects such…
Read More
‘Sadly, we have made the very difficult decision to say painful goodbyes to some of our team members,’ Five9 CEO Mike Burkland said in an email to employees. Five9 has revealed plans to lay off about 7 percent of its workforce, totaling less than 200 people based on the vendor’s 2,684 full-time employee count as…
Read More
American chipmaker Microchip Technology Incorporated has disclosed that a cyberattack impacted its systems over the weekend, disrupting operations across multiple manufacturing facilities. Headquartered in Chandler, Arizona, the company has roughly 123,000 customers across multiple industry sectors, including industrial, automotive, consumer, aerospace and defense, communications, and computing markets. Due to an incident, some Microchip Technology manufacturing…
Read More
The “very low adoption rate” is “really alarming,” Microsoft program manager Sourish Deb said in a call with partners. Microsoft is warning partners to update their code for new application programming interface by Sept. 30 to avoid service disruption – with a Microsoft representative revealing on a recent call with solution providers that less than…
Read More
Aug 20, 2024Ravie LakshmananMobile Security / Banking Fraud Mobile users in the Czech Republic are the target of a novel phishing campaign that leverages a Progressive Web Application (PWA) in an attempt to steal their banking account credentials. The attacks have targeted the Czech-based Československá obchodní banka (CSOB), as well as the Hungarian OTP Bank…
Read More
Aug 20, 2024The Hacker NewsCybersecurity / Cloud Security As cloud infrastructure becomes the backbone of modern enterprises, ensuring the security of these environments is paramount. With AWS (Amazon Web Services) still being the dominant cloud it is important for any security professional to know where to look for signs of compromise. AWS CloudTrail stands out…
Read More
James Knight, AMD’s global media and entertainment director, says content creation professionals should view AI technologies as an ‘elevated toolset’ for their work and not as a threat. The impact of AI on jobs in media and entertainment has been a contentious issue. AMD executive James Knight said content creation professionals should view AI technologies…
Read More
‘Nothing is safe anymore. The more layers of protection we can have, the better I sleep,’ Randy Jorgensen, managing member of South Jordan, Utah-based RJNetworks, tells CRN. Microsoft will take a phased approach to its requirement that all Azure users adopt multi-factor authentication, starting with Azure portal, Microsoft Entra administration center and Intune admin center…
Read More