Forrester: GenAI Will Lead to Breaches and Fines in 2024
Rampant generative AI (GenAI) use next year will lead to some major data breaches and fines for application developers using the...
Month: November 2023
CISA: Atlassian Releases Security Advisory for Confluence Data Center and Server
Atlassian Releases Security Advisory for Confluence Data Center and Server Atlassian released a security advisory to address a vulnerability (CVE-2023-22518)...
CISA: CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities
CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities Today, CISA updated its guidance addressing two vulnerabilities, CVE-2023-20198 and...
CISA: CISA Releases Six Industrial Control Systems Advisories
CISA Releases Six Industrial Control Systems Advisories CISA released six Industrial Control Systems (ICS) advisories on November 2, 2023. These...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: Cisco Releases Security Advisories for Multiple Products
Cisco Releases Security Advisories for Multiple Products Cisco released security advisories for vulnerabilities affecting multiple Cisco products. A cyber threat...
AI Safety Summit: Biden-Harris Administration Launches US AI Safety Institute
The US Department of Commerce has created a new government body to lead the US government’s efforts on AI safety...
The People Hacker: AI a Game-Changer in Social Engineering Attacks
Cybercriminals are using artificial intelligence (AI) to launch more sophisticated social engineering attacks, and experts are warning that it is...
Spy Module Discovered in WhatsApp Mods
Users seeking additional features in mobile apps have been increasingly turning to third-party developers who offer mods that often come...
Israeli Entities Under Attack By MuddyWater’s Advanced Tactics
A new social engineering campaign conducted by the “MuddyWater” group has been observed targeting two Israeli entities with tactics, techniques and...
Microsoft Takes on Cyber-Threats with New Secure Future Initiative
Microsoft has announced a major new cybersecurity initiative designed to help the company better respond to the increasing speed, scale...
Atlassian Finds Public Exploit for Critical Bug
Software vendor Atlassian has discovered “publicly posted critical information” about a recently published critical vulnerability, increasing the likelihood it will...
UK AI Safety Institute: A Blueprint for the Future of AI?
The UK Frontier AI Taskforce, a government-funded initiative launched in April 2023 as the Foundation Model Taskforce, is evolving to...
Healthcare Data Breaches Impact 88 Million Americans
Threat actors have compromised sensitive health data on tens of millions of US patients so far this year, according to...
Play Ransomware Victim: GeoPoint Surveying
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
US-CERT Vulnerability Summary for the Week of October 23, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info projectworlds_pvt._limited -- online_art_gallery Online Art Gallery v1.0 is vulnerable to multiple...
Aws-Waf-Header-Analyzer – The Purpose Of The Project Is To Create Rate Limit In AWS WaF Based On HTTP Headers
The purpose of the project is to create rate limit in AWS WaF based on HTTP headers.Golang is a dependencie...
HackerOne Bug Bounty Disclosure: b-information-disclosure-due-unauthenticated-access-to-apis-and-system-browser-functions-b-sufatmawati
Company Name: b'U.S. Dept Of Defense' Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:b'sufatmawati'Link to Submitters Profile:https://hackerone.com/b'sufatmawati' Report Title:b' Information disclosure due...
HackerOne Bug Bounty Disclosure: b-user-automatically-logged-in-as-sys-admin-user-on-https-administration-administration-aspx-b-mrr-b-t
Company Name: b'U.S. Dept Of Defense' Company HackerOne URL: https://hackerone.com/deptofdefense Submitted By:b'mrr0b0t2324'Link to Submitters Profile:https://hackerone.com/b'mrr0b0t2324' Report Title:b'User automatically logged in...
CISA: Cisco Releases Security Advisories for Multiple Products
Cisco Releases Security Advisories for Multiple Products Cisco released security advisories for vulnerabilities affecting multiple Cisco products. A cyber threat...
Kinsing Actors Exploiting Recent Linux Flaw to Breach Cloud Environments
The threat actors linked to Kinsing have been observed attempting to exploit the recently disclosed Linux privilege escalation flaw called...
Predictive AI in Cybersecurity: Outcomes Demonstrate All AI is Not Created Equally
Here is what matters most when it comes to artificial intelligence (AI) in cybersecurity: Outcomes. As the threat landscape evolves...
NodeStealer Malware Hijacking Facebook Business Accounts for Malicious Ads
Compromised Facebook business accounts are being used to run bogus ads that employ "revealing photos of young women" as lures...
CanesSpy Spyware Discovered in Modified WhatsApp Versions
Cybersecurity researchers have unearthed a number of WhatsApp mods for Android that come fitted with a spyware module dubbed CanesSpy....
