Cisco Patches Zero-Day Bug Used by Chinese Velvet Ant Group
A newly patched zero-day vulnerability was exploited by Chinese state-backed hackers to compromise Cisco Nexus switches, researchers have revealed.Cisco released...
News
Chrome Update Will Block Entrust Certificates by November 2024
Google has announced that starting November 1, 2024, Chrome version 127 and higher will no longer trust new TLS server authentication...
Mobile Political Spam Surges Threefold For 2024 Election
Election 2024 mobile political spam volumes have seen a threefold increase compared with 2022 midterms. The data comes from recent research by...
Health Tech Execs Get Jail Time For $1bn Fraud Scheme
Three former C-suite executives at a health tech startup have been sentenced after fraudulently obtaining an estimated $1bn from investors...
Ransomware Attack Demands Reach a Staggering $5.2m in 2024
The average extortion demand per ransomware attack was over $5.2m (£4.1m) in the first half of 2024, according to a...
Critical Vulnerability Affecting Juniper Devices
Juniper has released security updates to address a critical vulnerability (CVE-2024-2973) in their smart router and conductor products. The vulnerability has a...
High-Severity Vulnerability Affecting OpenSSH
Security researchers have discovered a high-severity vulnerability (CVE-2024-6387) in OpenSSH's server (sshd). Successful exploitation of the vulnerability could allow an...
How MFA Failures are Fueling a 500% Surge in Ransomware Losses
The cybersecurity threat landscape has witnessed a dramatic and alarming rise in the average ransomware payment, an increase exceeding 500%....
New Intel CPU Vulnerability ‘Indirector’ Exposes Sensitive Data
Modern CPUs from Intel, including Raptor Lake and Alder Lake, have been found vulnerable to a new side-channel attack that...
OpenSSH Remote Code Execution Vulnerability
A vulnerability was identified in OpenSSH. A remote attacker could exploit this vulnerability to trigger remote code execution on the...
Chinese Hackers Exploiting Cisco Switches Zero-Day to Deliver Malware
A China-nexus cyber espionage group named Velvet Ant has been observed exploiting a zero-day flaw in Cisco NX-OS Software used...
Meta’s ‘Pay or Consent’ Approach Faces E.U. Competition Rules Scrutiny
Meta's decision to offer an ad-free subscription in the European Union (E.U.) has faced a new setback after regulators accused...
Australian Man Charged for Fake Wi-Fi Scam on Domestic Flights
An Australian man has been charged with running a fake Wi-Fi access point during a domestic flight with an aim...
Active Exploitation of Vulnerability in Cisco NX-OS Software
Cisco has released security updates to address a vulnerability (CVE-2024-20399) in their Cisco NX-OS Software. The vulnerability is reportedly being...
Cyber-Insurance Premiums Decline as Firms Build Resilience
Cyber insurance premiums have experienced “double-digit price reductions” over the past year as organizations enhance their cybersecurity, according to a...
Over Six Million Hit by Ransomware Breach at Infosys McCamish Systems
A cyber-attack on outsourcer Infosys McCamish Systems last year impacted more than six million customers, according to a new filing...
Meta’s ‘Pay or Consent’ Data Model Breaches EU Law
The EU Commission has informed Meta that its ‘pay or consent’ model breaches EU law as it does not allow...
Australian Police Arrest Suspect in Fake Wi-Fi Scam Targeting Airport Passengers
The Australian Federal Police (AFP) have arrested a 42-year-old Australian resident who allegedly established a network of fake free Wi-Fi...
US-CERT Vulnerability Summary for the Week of June 24, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Critical Flaws in CocoaPods Expose iOS and macOS Apps to Supply Chain Attacks
A trio of security flaws has been uncovered in the CocoaPods dependency manager for Swift and Objective-C Cocoa projects that...
CapraRAT Spyware Disguised as Popular Apps Threatens Android Users
The threat actor known as Transparent Tribe has continued to unleash malware-laced Android apps as part of a social engineering...
Indian Software Firm’s Products Hacked to Spread Data-Stealing Malware
Installers for three different software products developed by an Indian company named Conceptworld have been trojanized to distribute information-stealing malware....
New OpenSSH Vulnerability Could Lead to RCE as Root on Linux Systems
OpenSSH maintainers have released security updates to contain a critical security flaw that could result in unauthenticated remote code execution...
End-to-End Secrets Security: Making a Plan to Secure Your Machine Identities
At the heart of every application are secrets. Credentials that allow human-to-machine and machine-to-machine communication. Machine identities outnumber human identities...
