"Progress LoadMaster Vulnerable to 10/10 Severity RCE Flaw"

Progress Software has recently issued an emergency fix for a maximum (10/10) severity vulnerability in its LoadMaster and LoadMaster Multi-Tenant (MT) Hypervisor products that allows attackers to remotely execute commands on the device. The company said the flaw, tracked as CVE-2024-7591, is categorized as an improper input validation problem allowing an unauthenticated, remote attacker to access LoadMaster’s management interface using a specially crafted HTTP request.

Submitted by Adam Ekwall on

"Cyberattack on Payment Gateway Exposes 1.7 Million Credit Card Details"

Electronic payment gateway Slim CD recently announced that it had been hit by a cyberattack, potentially exposing the credit card details of 1.7 million individuals.  The firm, which handles electronic payments for US and Canadian-based merchants, revealed that it became aware of suspicious activity in its computer environment around June 15, 2024.  A subsequent investigation identified system access between August 17, 2023, and June 15, 2024, which may have enabled an attacker to view or obtain certain credit card information between June 14, 2024, and June 15, 2024.

Submitted by Adam Ekwall on

"300,000 Impacted by Data Breach at Car Rental Firm Avis"

Avis Car Rental recently started notifying close to 300,000 individuals that their personal information was stolen in an August 2024 data breach.  The company said the incident was discovered on August 5 when it flagged unauthorized access to one of its business applications.  Avis says it immediately took steps to contain the attack and notified the relevant authorities.

Submitted by Adam Ekwall on

"Two Indicted in US for Running Dark Web Marketplaces Offering Stolen Information"

The US recently indicted a Kazakhstani national and a Russian national for operating several dark web sites facilitating the trading of personal, payment card, and banking information.  According to the Department of Justice (DoJ), the two, Alex Khodyrev, 35, of Kazakhstan, and Pavel Kublitskii, 37, of Russia, were the main administrators of wwh-club.ws (WWH Club) and several sister websites between 2014 and 2024.

Submitted by Adam Ekwall on

Syntax-Guided Synthesis (SyGuS) with LLM and Predicate Sub-Typing 

Submitted by Amy Karns on

Stéphane Graham-Lengrand, Formal Methods Group, CSL, SRI International

The emergence of generative AI, specifically LLMs, undoubtedly opens up exciting possibilities for the automated production of code. It also raises new assurance challenges regarding the properties of the produced code, starting with the correctness of the code with respect to its intended purpose. We propose a code synthesis approach where Formal Methods guide the LLM output towards provably correct code.

Cyberpsychology Aspects of Foreign Malign Influence

Submitted by Amy Karns on

Mia Bloom, International Security Fellow at New America and Professor at Georgia State University
Sophia Moskalenko, Psychologist, Security Consultant, UN Office of Counter-Terrorism, International Hub for Behavioral Insights

This project proposes basic research offering innovative, interdisciplinary insights into the processes that connect online and offline Russian malign disinformation campaigns and threats to national security.

"High School Student Looks to Biology to Explore New Cybersecurity Pathways at ORNL"

Elton Aba, a junior at Bearden High School in Knoxville and intern at Oak Ridge National Laboratory (ORNL), worked with researchers to explore how biology can inform cybersecurity. Aba shared some of his discoveries regarding the potential of biomimicry to help secure US critical infrastructure. Aba collaborated with senior cyber researcher Nate Evans on a bio-inspired cybersecurity approach to system defense. With a focus on the similarities between biological and artificial defense systems, Aba and Evans sought to gain further insight into defending against a cyberattack.

Submitted by Gregory Rigby on

"UCI Team Collaborates on $15M Grant to Secure Cyber-Physical Systems"

A team of security researchers from the University of California, Irvine (UCI), Arizona State University (ASU), and Huntington Ingalls Industries (HII) received a three-year $15 million grant from the US Defense Advanced Research Projects Agency (DARPA) in support of the multi-institutional "Strategic Exploration, Navigation and Patching of Abstracted Integrations" (SENPAI) project.

Submitted by Gregory Rigby on