Microsoft Uncovers Critical Flaws in Rockwell Automation PanelView Plus
Microsoft has revealed two security flaws in Rockwell Automation PanelView Plus that could be weaponized by remote, unauthenticated attackers to...
News
Brazil Halts Meta’s AI Data Processing Amid Privacy Concerns
Brazil's data protection authority, Autoridade Nacional de Proteção de Dados (ANPD), has temporarily banned Meta from processing users' personal data...
Global Police Operation Shuts Down 600 Cybercrime Servers Linked to Cobalt Strike
A coordinated law enforcement operation codenamed MORPHEUS has felled close to 600 servers that were used by cybercriminal groups and...
Twilio’s Authy App Breach Exposes Millions of Phone Numbers
Cloud communications provider Twilio has revealed that unidentified threat actors took advantage of an unauthenticated endpoint in Authy to identify...
APP Fraud Singled Out as Biggest Financial Crime Threat
Two-thirds (65%) of payments professionals see fraud as their most urgent financial crime threat, with authorized push payment (APP) scams...
Dozens of Arrests Disrupt €2.5m Vishing Gang
Spanish and Portuguese police have arrested 54 individuals suspected of participating in a massive vishing fraud scheme that has already...
New RUSI Report Exposes Psychological Toll of Ransomware, Urges Action
Beyond the headlines of stolen data and financial losses, a new report has shed light on the silent struggle of...
Cyber Extortion Soars: SMBs Hit Four Times Harder
Cyber extortion continues to proliferate with an unprecedented number of threat actors and a 77% year-on-year growth in cyber extortion...
Microsoft Uncovers Major Flaws in Rockwell PanelView Plus
Microsoft’s cybersecurity team has uncovered two significant vulnerabilities in Rockwell Automation’s PanelView Plus, a type of human-machine interface (HMI) widely...
WordPress Plugins at Risk From Polyfill Library Compromise
WordPress plugins are currently facing significant security risks due to a recent discovery detailed in a security advisory published by...
Half of Employees Fear Punishment for Reporting Security Mistakes
Half of employees fear repercussions from their organization if they report a security mistake, according to a report by ThinkCyber,...
The Emerging Role of AI in Open-Source Intelligence
Recently the Office of the Director of National Intelligence (ODNI) unveiled a new strategy for open-source intelligence (OSINT) and referred...
Microsoft MSHTML Flaw Exploited to Deliver MerkSpy Spyware Tool
Unknown threat actors have been observed exploiting a now-patched security flaw in Microsoft MSHTML to deliver a surveillance tool called...
Vulnerabilities in PanelView Plus devices could lead to remote code execution
Microsoft discovered and responsibly disclosed two vulnerabilities in Rockwell Automation PanelView Plus that could be remotely exploited by unauthenticated attackers,...
FakeBat Loader Malware Spreads Widely Through Drive-by Download Attacks
The loader-as-a-service (LaaS) known as FakeBat has become one of the most widespread loader malware families distributed using the drive-by...
Israeli Entities Targeted by Cyberattack Using Donut and Sliver Frameworks
Cybersecurity researchers have discovered an attack campaign that targets various Israeli entities with publicly-available frameworks like Donut and Sliver. The...
South Korean ERP Vendor’s Server Hacked to Spread Xctdoor Malware
An unnamed South Korean enterprise resource planning (ERP) vendor's product update server has been found to be compromised to deliver...
Cisco Patches Zero-Day Bug Used by Chinese Velvet Ant Group
A newly patched zero-day vulnerability was exploited by Chinese state-backed hackers to compromise Cisco Nexus switches, researchers have revealed.Cisco released...
Chrome Update Will Block Entrust Certificates by November 2024
Google has announced that starting November 1, 2024, Chrome version 127 and higher will no longer trust new TLS server authentication...
Mobile Political Spam Surges Threefold For 2024 Election
Election 2024 mobile political spam volumes have seen a threefold increase compared with 2022 midterms. The data comes from recent research by...
Health Tech Execs Get Jail Time For $1bn Fraud Scheme
Three former C-suite executives at a health tech startup have been sentenced after fraudulently obtaining an estimated $1bn from investors...
Ransomware Attack Demands Reach a Staggering $5.2m in 2024
The average extortion demand per ransomware attack was over $5.2m (£4.1m) in the first half of 2024, according to a...
Critical Vulnerability Affecting Juniper Devices
Juniper has released security updates to address a critical vulnerability (CVE-2024-2973) in their smart router and conductor products. The vulnerability has a...
High-Severity Vulnerability Affecting OpenSSH
Security researchers have discovered a high-severity vulnerability (CVE-2024-6387) in OpenSSH's server (sshd). Successful exploitation of the vulnerability could allow an...
