CISA Adds High-Severity Ivanti Vulnerability to KEV Catalog – Dark Reading
Ivanti reports that the bug is being actively exploited in the wild for select customers. – Read More
Cyber
Ukraine-Russia Cyber Battles Tip Over Into the Real World – Dark Reading
“Pig butchering,” generative AI, and spear-phishing have all transformed digital warfare. – Read More
The Future of AI Safety: California’s Vetoed Bill & What Comes Next – Dark Reading
Although the veto was a setback, it highlights key debates in the emerging field of AI governance and the potential for California to shape the future of AI regulation. –…
Android 14 Adds New Security Features to Block 2G Exploits and Baseband Attacks – The Hacker News
Google has revealed the various security guardrails that have been incorporated into its latest Pixel devices to counter the rising threat posed by baseband security attacks. The cellular baseband (i.e.,…
Make OT networks a priority, say nine national security agencies – CSO Online
To most people in IT, what happens inside operational technology (OT) networks is a bit of a mystery. They’re hidden networks that keep everything from critical infrastructure to manufacturing humming…
DDoS attacks are increasingly targeting critical infrastructure – CSO Online
Critical infrastructure sectors including banking, financial services, government, and public utilities such as energy providers, experienced a 55% increase in distributed denial-of-service (DDoS) attacks over the past four years, according…
The Secret Weakness Execs Are Overlooking: Non-Human Identities – The Hacker News
For years, securing a company’s systems was synonymous with securing its “perimeter.” There was what was safe “inside” and the unsafe outside world. We built sturdy firewalls and deployed sophisticated…
Fix for BGP routing insecurity ‘plagued by software vulnerabilities’ of its own, researchers find – CSO Online
Resource Public Key Infrastructure (RPKI) is not yet the simple fix for the security weaknesses of the internet’s Border Gateway Protocol (BGP) many in the communications industry think it is,…
New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking – The Hacker News
Linux servers are the target of an ongoing campaign that delivers a stealthy malware dubbed perfctl with the primary aim of running a cryptocurrency miner and proxyjacking software. “Perfctl is…
Navigating the Complexities & Security Risks of Multicloud Management – Dark Reading
Businesses that successfully manage the complexities of multicloud management will be best positioned to thrive in an increasingly digital and interconnected world. – Read More
What Communications Companies Need to Know Before Q-Day – Dark Reading
NIST standardized three algorithms for post-quantum cryptography. What does that mean for the information and communications technology (ICT) industry? – Read More
A Single Cloud Compromise Can Feed an Army of AI Sex Bots – Krebs on Security
Organizations that get relieved of credentials to their cloud environments can quickly find themselves part of a disturbing new trend: Cybercriminals using stolen cloud credentials to operate and resell sexualized…
North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks – The Hacker News
Threat actors with ties to North Korea have been observed delivering a previously undocumented backdoor and remote access trojan (RAT) called VeilShell as part of a campaign targeting Cambodia and…
Critical Ivanti flaw exploited despite available patches – CSO Online
The US Cybersecurity and Infrastructure Security Agency (CISA) has warned Ivanti customers of active exploitation of a critical Endpoint Manager (EPM) vulnerability allowing remote code execution (RCE) that the company…
Meta partners with banks in the UK to combat online scams – CSO Online
Meta is working with banks in the UK to curb the menace of online frauds that originate or are executed on social media platforms such as Facebook or Instagram. The…