New Flaws in Sonos Smart Speakers Allow Hackers to Eavesdrop on Users
Cybersecurity researchers have uncovered weaknesses in Sonos smart speakers that could be exploited by malicious actors to clandestinely eavesdrop on...
News
DOJ Charges Nashville Man for Helping North Koreans Get U.S. Tech Jobs
The U.S. Department of Justice (DoJ) on Thursday charged a 38-year-old individual from Nashville, Tennessee, for allegedly running a "laptop...
Chained for attack: OpenVPN vulnerabilities discovered leading to RCE and LPE
Microsoft researchers recently identified multiple medium severity vulnerabilities in OpenVPN, an open-source project with binaries integrated into routers, firmware, PCs,...
CISA Warns of Hackers Exploiting Legacy Cisco Smart Install Feature
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has disclosed that threat actors are abusing the legacy Cisco Smart Install...
Ethical Hackers Steal and Return $12m to Ronin Network
A popular Ethereum blockchain which was the victim of the largest ever crypto-heist back in 2022 suffered a $12m loss...
BlackSuit/Royal Ransomware Group Has Demanded $500m
A prolific ransomware group has demanded more than $500m from its victims in less than two years, according to new...
North Korea Kimsuky Launch Phishing Attacks on Universities
Cybersecurity analysts have uncovered critical details about the North Korean advanced persistent threat (APT) group Kimsuky, which has been targeting...
#BHUSA: CISA Director Confident in US Election Security
As the 2024 US election approaches, cybersecurity leaders intensify their efforts to safeguard the democratic process, drawing insights from global...
Phishing Attack Exploits Google, WhatsApp to Steal Data
Researchers have uncovered a sophisticated phishing campaign that exploits the trust users place in well-known websites like Google Drawings and...
#BHUSA: Ransomware Drill Targets Healthcare in Operation 911
Las Vegas law enforcement, the FBI and Semperis conducted a ransomware tabletop exercise targeting the healthcare sector at Black Hat...
SEC Investigation into Progress MOVEit Hack Ends Without Charges
The US Securities and Exchange Commission (SEC) will not bring charges against Progress Software over the MOVEit software supply chain...
University Professors Targeted by North Korean Cyber Espionage Group
The North Korea-linked threat actor known as Kimsuky has been linked to a new set of attacks targeting university staff,...
0.0.0.0 Day: 18-Year-Old Browser Vulnerability Impacts MacOS and Linux Devices
Cybersecurity researchers have discovered a new "0.0.0.0 Day" impacting all major web browsers that malicious websites could take advantage of...
Automated Security Validation: One (Very Important) Part of a Complete CTEM Framework
The last few years have seen more than a few new categories of security solutions arise in hopes of stemming...
Unlock the Future of Cybersecurity: Exclusive, Next Era AI Insights and Cutting-Edge Training at SANS Network Security 2024
The Immersive Experience Happening This September in Las Vegas!In an era of relentless cybersecurity threats and rapid technological advancement, staying...
New Phishing Scam Uses Google Drawings and WhatsApp Shortened Links
Cybersecurity researchers have discovered a novel phishing campaign that leverages Google Drawings and shortened links generated via WhatsApp to evade...
Windows Downgrade Attack Risks Exposing Patched Systems to Old Vulnerabilities
Microsoft said it is developing security updates to address two loopholes that it said could be abused to stage downgrade...
FBI and CISA Warn of BlackSuit Ransomware That Demands Up to $500 Million
The ransomware strain known as BlackSuit has demanded as much as $500 million in ransoms to date, with one individual...
Critical Security Flaw in WhatsUp Gold Under Active Attack – Patch Now
A critical security flaw impacting Progress Software WhatsUp Gold is seeing active exploitation attempts, making it essential that users move...
ICO Prepares £6m Fine for NHS Supplier Advanced
The UK’s data protection watchdog has announced a provisional £6m fine for a healthcare IT service provider, after ruling that...
#BHUSA: DARPA’s AI Cyber Challenge Heats Up as Healthcare Sector Watches
With software vulnerabilities being exploited at an alarming rate, the Defense Advanced Research Projects Agency's (DARPA) AI Cyber Challenge (AIxCC)...
#BHUSA: The Board Needs to Understand AI Deployment Risks
The idiosyncratic use of AI within organizations is a problem when it comes to risk. Instead, AI deployment must be...
UK Managers Improve Cyber Knowledge but Staff Lack Training
Managers in UK organizations are getting better at understanding online safety best practice, but their skills are not necessarily matched...
CISA Releases Guide to Enhance Software Security Evaluations
The US Cybersecurity and Infrastructure Security Agency (CISA) has released a new guide to enhance how organizations evaluate software manufacturers'...