Category: Uncategorized
-
![⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [27 January] info@thehackernews.com (The Hacker News)](https://sekuritasit.com/wp-content/uploads/2025/01/recap-RWazZR.png)
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [27 January] [email protected] (The Hacker News)
Welcome to your weekly cybersecurity scoop! Ever thought about how the same AI meant to protect our hospitals could also compromise them? This week, we’re breaking down the sophisticated world of AI-driven threats, key updates in regulations, and some urgent vulnerabilities in healthcare tech that need our attention. As we unpack these complex topics, we’ll…
-

Do We Really Need The OWASP NHI Top 10? [email protected] (The Hacker News)
The Open Web Application Security Project has recently introduced a new Top 10 project – the Non-Human Identity (NHI) Top 10. For years, OWASP has provided security professionals and developers with essential guidance and actionable frameworks through its Top 10 projects, including the widely used API and Web Application security lists. Non-human identity security represents…
-

GamaCopy Mimics Gamaredon Tactics in Cyber Espionage Targeting Russian Entities [email protected] (The Hacker News)
A previously unknown threat actor has been observed copying the tradecraft associated with the Kremlin-aligned Gamaredon hacking group in its cyber attacks targeting Russian-speaking entities. The campaign has been attributed to a threat cluster dubbed GamaCopy, which is assessed to share overlaps with another hacking group named Core Werewolf, also tracked as Awaken Likho and…
-

MintsLoader Delivers StealC Malware and BOINC in Targeted Cyber Attacks [email protected] (The Hacker News)
Threat hunters have detailed an ongoing campaign that leverages a malware loader called MintsLoader to distribute secondary payloads such as the StealC information stealer and a legitimate open-source network computing platform called BOINC. “MintsLoader is a PowerShell based malware loader that has been seen delivered via spam emails with a link to Kongtuke/ClickFix pages or…
-

Meta’s Llama Framework Flaw Exposes AI Systems to Remote Code Execution Risks [email protected] (The Hacker News)
A high-severity security flaw has been disclosed in Meta’s Llama large language model (LLM) framework that, if successfully exploited, could allow an attacker to execute arbitrary code on the llama-stack inference server. The vulnerability, tracked as CVE-2024-50050, has been assigned a CVSS score of 6.3 out of 10.0. Supply chain security firm Snyk, on the…
-
Data sovereignty compliance challenges and best practices
Post ContentRead More
-

RANsacked: Over 100 Security Flaws Found in LTE and 5G Network Implementations [email protected] (The Hacker News)
A group of academics has disclosed details of over 100 security vulnerabilities impacting LTE and 5G implementations that could be exploited by an attacker to disrupt access to service and even gain a foothold into the cellular core network. The 119 vulnerabilities, assigned 97 unique CVE identifiers, span seven LTE implementations – Open5GS, Magma, OpenAirInterface,…
-
AMD processor vulnerability inadvertently leaked early
Post ContentRead More
-

2025 State of SaaS Backup and Recovery Report [email protected] (The Hacker News)
The modern workplace has undergone a seismic transformation over recent years, with hybrid work becoming the norm and businesses rapidly adopting cloud-based Software-as-a-Service (SaaS) applications to facilitate it. SaaS applications like Microsoft 365 and Google Workspace have now become the backbone of business operations, enabling seamless collaboration and productivity. However, thisRead More
-

DoJ Indicts 5 Individuals for $866K North Korean IT Worker Scheme Violations [email protected] (The Hacker News)
The U.S. Department of Justice (DoJ) on Thursday indicted two North Korean nationals, a Mexican national, and two of its own citizens for their alleged involvement in the ongoing fraudulent information technology (IT) worker scheme that seeks to generate revenue for the Democratic People’s Republic of Korea (DPRK) in violation of international sanctions. The action…
