Security Week
Attackers Use DNS Tunneling to Track Victim Activity, Scan Networks
Threat actors are using DNS tunneling to track victims’ interaction with spam and to scan network infrastructures.
The post Attackers Use DNS Tunneling to Track Victim Activity, Scan Networks appeared first on SecurityWeek.
Google Patches Second Chrome Zero-Day in One Week
Google has announced patches for another Chrome vulnerability that has been exploited in attacks. This is the second zero-day addressed by the company in one week and the third flaw leveraged in malicious attacks in 2024. The new zero-day, tracked as CVE-2024-4761, has been described as a high-severity out-of-bounds write issue in the V8 JavaScript […]
The post Google Patches Second Chrome Zero-Day in One Week appeared first on SecurityWeek.
Student, Personnel Information Stolen in City of Helsinki Cyberattack
The City of Helsinki says usernames, email addresses, and personal information was stolen in a recent cyberattack.
The post Student, Personnel Information Stolen in City of Helsinki Cyberattack appeared first on SecurityWeek.
MITRE EMB3D Threat Model Officially Released
MITRE announced the public availability of the EMB3D threat model for embedded devices used in critical infrastructure.
The post MITRE EMB3D Threat Model Officially Released appeared first on SecurityWeek.
FCC Warns of ‘Royal Tiger’ Robocall Scammers
The FCC has issued a public notice on robocall scammer group ‘Royal Tiger’, the first designated threat actor.
The post FCC Warns of ‘Royal Tiger’ Robocall Scammers appeared first on SecurityWeek.
Zscaler Confirms Only Isolated Test Server Was Hacked
Zscaler has completed its investigation into the recent hacking claims and found that only an isolated test environment was compromised.
The post Zscaler Confirms Only Isolated Test Server Was Hacked appeared first on SecurityWeek.
Apple Patch Day: Code Execution Flaws in iPhones, iPads, macOS
Apple documents another zero-day flaw being exploited on older iPhones and documents security problems in macOS, iOS and iPadOS.
The post Apple Patch Day: Code Execution Flaws in iPhones, iPads, macOS appeared first on SecurityWeek.
China and US Envoys Will Hold First Top-Level Dialogue on Artificial Intelligence
China’s official Xinhua news agency said the two sides would take up issues including the technological risks of AI and global governance.
The post China and US Envoys Will Hold First Top-Level Dialogue on Artificial Intelligence appeared first on SecurityWeek.
Europol Investigating Breach After Hacker Offers to Sell Classified Data
Europol is investigating a data breach, but says no core systems are impacted and no operational data has been compromised.
The post Europol Investigating Breach After Hacker Offers to Sell Classified Data appeared first on SecurityWeek.
NATO Draws a Cyber Red Line in Tensions With Russia
Weakening liberal democracies and weakening the NATO alliance are conjoined in the hybrid war that Russia is conducting against Ukraine.
The post NATO Draws a Cyber Red Line in Tensions With Russia appeared first on SecurityWeek.
Cinterion Modem Flaws Pose Risk to Millions of Devices in Industrial, Other Sectors
A critical vulnerability in the Cinterion cellular modems can be exploited for remote code execution via SMS messages.
The post Cinterion Modem Flaws Pose Risk to Millions of Devices in Industrial, Other Sectors appeared first on SecurityWeek.
Black Basta Ransomware Hit Over 500 Organizations
The US government warns of Black Basta ransomware attacks targeting critical infrastructure organizations.
The post Black Basta Ransomware Hit Over 500 Organizations appeared first on SecurityWeek.
FBCS Collection Agency Data Breach Impacts 2.7 Million
Financial Business and Consumer Solutions (FBCS) says the personal information of 2.7 million was impacted in the recent data breach.
The post FBCS Collection Agency Data Breach Impacts 2.7 Million appeared first on SecurityWeek.
$2.5 Million Offered at Upcoming ‘Matrix Cup’ Chinese Hacking Contest
The Chinese hacking contest Matrix Cup is offering big rewards for exploits targeting OSs, smartphones, enterprise software, browsers, and security products.
The post $2.5 Million Offered at Upcoming ‘Matrix Cup’ Chinese Hacking Contest appeared first on SecurityWeek.
Healthcare Giant Ascension Hacked, Hospitals Diverting Emergency Service
One of the largest healthcare systems in the United States is scrambling to contain a hack that's causing disruption and “downtime procedures” at hospitals around the country.
The post Healthcare Giant Ascension Hacked, Hospitals Diverting Emergency Service appeared first on SecurityWeek.
In Other News: European Parliament Breach, DocGo Hack, VMware Advisories Moved
Noteworthy stories that might have slipped under the radar: European Parliament application breached, DocGo hacked, VMware advisories moved to Broadcom portal.
The post In Other News: European Parliament Breach, DocGo Hack, VMware Advisories Moved appeared first on SecurityWeek.
Exploited Chrome Zero-Day Patched by Google
A Chrome 124 update patches the second Chrome zero-day that has been found to be exploited in malicious attacks in 2024.
The post Exploited Chrome Zero-Day Patched by Google appeared first on SecurityWeek.
500,000 Impacted by Ohio Lottery Ransomware Attack
The Ohio Lottery cyberattack conducted by the DragonForce ransomware group has impacted more than 500,000 individuals.
The post 500,000 Impacted by Ohio Lottery Ransomware Attack appeared first on SecurityWeek.
RSA Conference 2024 – Announcements Summary (Day 4)
Hundreds of companies are showcasing their products and services this week at the 2024 edition of the RSA Conference in San Francisco.
The post RSA Conference 2024 – Announcements Summary (Day 4) appeared first on SecurityWeek.
Accenture Lands $789 Million Contract to Bolster U.S. Navy Cybersecurity
Accenture Federal Services wins $789 million U.S. Navy SHARKCAGE cybersecurity contract.
The post Accenture Lands $789 Million Contract to Bolster U.S. Navy Cybersecurity appeared first on SecurityWeek.