News
-
"CISA Warns of Progress Telerik Vulnerability Exploitation"The US Cybersecurity and Infrastructure Security Agency (CISA) warns federal agencies of the ongoing exploitation of a patched authentication bypass vulnerability in Progress Software's Telerik Report Server.
-
"Pakistani Threat Actors Caught Targeting Indian Gov Entities"Cisco Talos and Volexity warn that Pakistan-based threat actors have targeted Indian government entities in two espionage campaigns.
-
"Edge Devices: The New Frontier for Mass Exploitation Attacks"Edge devices, services, and network infrastructure devices often start mass exploitation attacks. There has been a rise of mass exploitation compromises and criminal targeting of edge and infrastructure devices.
-
"UK General Election: Tech Policy Expert Calls for Law Overhaul to Combat Deepfakes"Matthew Feeney, head of tech and innovation at the UK-based Centre for Policy Studies, warned of the deepfake threat to election integrity. The tech policy expert emphasized how technology has made deepfakes easier and cheaper to make.
-
"GitHub Paid Out Over $4 Million via Bug Bounty Program"GitHub has recently announced that through its bug bounty program, which the company launched ten years ago, it has paid out more than $4 million. In 2023, the bug bounty paid out exceeded $850,000.
-
"Rockwell Automation Patches High-Severity Vulnerabilities in FactoryTalk View SE"Rockwell Automation recently announced that it has patched three high-severity vulnerabilities in its FactoryTalk View Site Edition (SE) HMI software.
-
"Microsoft Patches One Critical and One Zero-Day Vulnerability"Microsoft recently revealed updates for 51 vulnerabilities, only one of which was rated "critical." Microsoft noted that the bug, CVE-2024-30080, is a remote code execution (RCE) flaw in Microsoft Message Queuing (MSMQ) and has been assigned a CVSS sco
-
"Phishing Emails Abuse Windows Search Protocol to Push Malicious Scripts"In a new phishing campaign, HTML attachments abusing the Windows Search protocol are used to push batch files hosted on remote servers that deliver malware.
-
"Easily Exploitable Critical Vulnerabilities Found in Open Source AI/ML Tools"A new Protect AI report delves into a dozen critical vulnerabilities in open source Artificial Intelligence (AI) and Machine Learning (ML) tools discovered in recent months.
-
"Feds Saw More Cyberattacks but Better Detection Last Year, FISMA Report Says"A Federal Information Security Modernization Act (FISMA) report recently issued to Congress found that federal agencies saw a nearly 10 percent increase in cyberattacks in 2023, but they also improved their detection and categorization.
-
"Cryptojacking Campaign Targets Misconfigured Kubernetes Clusters"Researchers warn of a cryptojacking campaign targeting misconfigured Kubernetes clusters to mine Dero cryptocurrency.
-
"Panera Warns of Employee Data Breach After March Ransomware Attack"Panera Bread is starting to notify employees of a data breach after unknown threat actors stole their sensitive personal information in a March ransomware attack.