Mar 30, 2024NewsroomLinux / Supply Chain Attack RedHat on Friday released an “urgent security alert” warning that two versions of a popular data compression library called XZ Utils (previously LZMA Utils) have been backdoored with malicious code designed to allow unauthorized remote access. The software supply chain compromise, tracked as CVE-2024-3094, has a CVSS score … Read more
Teams mobilized from the interministerial digital affairs department DINUM and France’s cybersecurity agency ANSSI continue to fend off the attacks, added the prime minister’s office. It is still unclear who is behind the attacks. Pro-Russian hacker group Anonymous Sudan claimed responsibility for “a massive cyberattack” on the infrastructure of the French Interministerial Directorate of Digital … Read more
Feb 08, 2024NewsroomCyber Threat / Network Security Cisco, Fortinet, and VMware have released security fixes for multiple security vulnerabilities, including critical weaknesses that could be exploited to perform arbitrary actions on affected devices. The first set from Cisco consists of three flaws – CVE-2024-20252 and CVE-2024-20254 (CVSS score: 9.6) and CVE-2024-20255 (CVSS score: 8.2) – … Read more
Jan 17, 2024NewsroomBrowser Security / Vulnerability Google on Tuesday released updates to fix four security issues in its Chrome browser, including an actively exploited zero-day flaw. The issue, tracked as CVE-2024-0519, concerns an out-of-bounds memory access in the V8 JavaScript and WebAssembly engine, which can be weaponized by threat actors to trigger a crash. “By … Read more
Dec 21, 2023NewsroomVulnerability / Zero-Day Google has rolled out security updates for the Chrome web browser to address a high-severity zero-day flaw that it said has been exploited in the wild. The vulnerability, assigned the CVE identifier CVE-2023-7024, has been described as a heap-based buffer overflow bug in the WebRTC framework that could be exploited … Read more
Networking News Gina Narcisi November 13, 2023, 01:49 PM EST “I think a lot of the challenges in the world over the last five to 5-8 years had been a result of people feel that feeling left out and feeling like they haven’t had an opportunity, so to the extent we can help bridge that … Read more
Sep 19, 2023THNData Safety / Cybersecurity Microsoft on Monday said it took steps to correct a glaring security gaffe that led to the exposure of 38 terabytes of private data. The leak was discovered on the company’s AI GitHub repository and is said to have been inadvertently made public when publishing a bucket of open-source … Read more
Aug 25, 2023The Hacker NewsThreat Detection / Artificial Intelligence In today’s digital landscape, your business data is more than just numbers—it’s a powerhouse. Imagine leveraging this data not only for profit but also for enhanced AI and Machine Learning (ML) threat detection. For companies like Comcast, this isn’t a dream. It’s reality. Your business comprehends … Read more
Aug 05, 2023THNVulnerability / Cyber Threat Microsoft on Friday disclosed that it has addressed a critical security flaw impacting Power Platform, but not before it came under criticism for its failure to swiftly act on it. “The vulnerability could lead to unauthorized access to Custom Code functions used for Power Platform custom connectors,” the tech … Read more
Aug 02, 2023THNICS/SCADA Security About 34% of security vulnerabilities impacting industrial control systems (ICSs) that were reported in the first half of 2023 have no patch or remediation, registering a significant increase from 13% the previous year. According to data compiled by SynSaber, a total of 670 ICS product flaws were reported via the U.S. … Read more