UN Adopts Controversial Cybercrime Treaty
United Nations member states have adopted the Convention Against Cybercrime, ending almost three years of negotiations.However, many stakeholders, including NGOs...
News
US-CERT Vulnerability Summary for the Week of August 5, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
How Phishing Attacks Adapt Quickly to Capitalize on Current Events
In 2023, no fewer than 94 percent of businesses were impacted by phishing attacks, a 40 percent increase compared to...
FreeBSD Releases Urgent Patch for High-Severity OpenSSH Vulnerability
The maintainers of the FreeBSD Project have released security updates to address a high-severity flaw in OpenSSH that attackers could...
The AI Hangover is Here – The End of the Beginning
After a good year of sustained exuberance, the hangover is finally here. It's a gentle one (for now), as the...
Researchers Uncover Vulnerabilities in Solarman and Deye Solar Systems
Cybersecurity researchers have identified a number of security shortcomings in photovoltaic system management platforms operated by Chinese companies Solarman and...
EastWind Attack Deploys PlugY and GrewApacha Backdoors Using Booby-Trapped LNK Files
The Russian government and IT organizations are the target of a new campaign that delivers a number of backdoors and...
Industrial Remote Access Tool Ewon Cosy+ Vulnerable to Root Access Attacks
Security vulnerabilities have been disclosed in the industrial remote access solution Ewon Cosy+ that could be abused to gain root...
Debian Linux Kernel Multiple Vulnerabilities
Multiple vulnerabilities were identified in Debian Linux Kernel. A remote attacker could exploit some of these vulnerabilities to trigger denial of service...
ChromeOS Multiple Vulnerabilities
Multiple vulnerabilities were identified in ChromeOS. A remote attacker could exploit some of these vulnerabilities to trigger denial of service...
SUSE Linux Kernel Multiple Vulnerabilities
Multiple vulnerabilities were identified in SUSE Linux Kernel. A remote attacker could exploit some of these vulnerabilities to trigger denial...
Ubuntu Linux Kernel Multiple Vulnerabilities
Multiple vulnerabilities were identified in Ubuntu Linux Kernel. A remote attacker could exploit some of these vulnerabilities to trigger denial...
Samsung Products Multiple Vulnerabilities
Multiple vulnerabilities were identified in Samsung Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of...
Rogue PyPI Library Solana Users, Steals Blockchain Wallet Keys
Cybersecurity researchers have discovered a new malicious package on the Python Package Index (PyPI) repository that masquerades as a library...
Researchers Uncover 10 Flaws in Google’s File Transfer Tool Quick Share
As many as 10 security flaws have been uncovered in Google's Quick Share data transfer utility for Android and Windows...
New Malware Hits 300,000 Users with Rogue Chrome and Edge Extensions
An ongoing, widespread malware campaign has been observed installing rogue Google Chrome and Microsoft Edge extensions via a trojan distributed...
Sonos Speaker Flaws Could Have Let Remote Hackers Eavesdrop on Users
Cybersecurity researchers have uncovered weaknesses in Sonos smart speakers that could be exploited by malicious actors to clandestinely eavesdrop on...
Microsoft Warns of Unpatched Office Vulnerability Leading to Data Exposure
Microsoft has disclosed an unpatched zero-day in Office that, if successfully exploited, could result in unauthorized disclosure of sensitive information...
#BHUSA: CoSAI, Combating AI Risks Through Industry Collaboration
In early July 2024, some of the world’s leading AI companies joined forces to create the Coalition for Secure AI...
#BHUSA: CISA Encourages Organizations to Adopt a ‘Secure by Demand’ Strategy
One of the US Cybersecurity and Infrastructure Security Agency's (CISA) flagship initiatives is Secure by Design, launched in 2023. Now, the...
Threat Actors Favor Rclone, WinSCP and cURL as Data Exfiltration Tools
Data exfiltration is critical in double extortion cyber-attacks, which have become the new gold standard of ransomware attacks.In a new report,...
OpenAI Leadership Split Over In-House AI Watermarking Technology
OpenAI has a tool to automatically watermark AI-generated content, but company leadership is split on whether to release it to...
Experts Uncover Severe AWS Flaws Leading to RCE, Data Theft, and Full-Service Takeovers
Cybersecurity researchers have discovered multiple critical flaws in Amazon Web Services (AWS) offerings that, if successfully exploited, could result in...
Microsoft Reveals Four OpenVPN Flaws Leading to Potential RCE and LPE
Microsoft on Thursday disclosed four medium-severity security flaws in the open-source OpenVPN software that could be chained to achieve remote...