Category: Uncategorized
-
Second Pwn2Own Automotive Contest Offers Over $1 Million in Prizes Ionut Arghire
ZDI offers over $1 million in cash and prizes at the next Pwn2Own Automotive hacking contest, set for January 2025 in Tokyo. The post Second Pwn2Own Automotive Contest Offers Over $1 Million in Prizes appeared first on SecurityWeek. Read More
-
Third Recent Ivanti Vulnerability Exploited in the Wild Eduard Kovacs
CVE-2024-7593 is the third Ivanti product vulnerability patched in recent months that has been exploited in the wild. The post Third Recent Ivanti Vulnerability Exploited in the Wild appeared first on SecurityWeek. Read More
-
Webinar Today: Shield Your Data, Secure Your Future: A Multi-Layered Approach to Operational Resilience SecurityWeek News
Join the webinar to gain insights and learn actionable steps to enhance your organization’s data security and resilience. The post Webinar Today: Shield Your Data, Secure Your Future: A Multi-Layered Approach to Operational Resilience appeared first on SecurityWeek. Read More
-

Agentic AI in SOCs: A Solution to SOAR’s Unfulfilled Promises [email protected] (The Hacker News)
Security Orchestration, Automation, and Response (SOAR) was introduced with the promise of revolutionizing Security Operations Centers (SOCs) through automation, reducing manual workloads and enhancing efficiency. However, despite three generations of technology and 10 years of advancements, SOAR hasn’t fully delivered on its potential, leaving SOCs still grappling with many of the sameRead More
-

ChatGPT macOS Flaw Could’ve Enabled Long-Term Spyware via Memory Function [email protected] (The Hacker News)
A now-patched security vulnerability in OpenAI’s ChatGPT app for macOS could have made it possible for attackers to plant long-term persistent spyware into the artificial intelligence (AI) tool’s memory. The technique, dubbed SpAIware, could be abused to facilitate “continuous data exfiltration of any information the user typed or responses received by ChatGPT, including any future…
-
Iran Was Behind Thousands of Text Messages Calling for Revenge Over Quran Burnings, Sweden Says Associated Press
Sweden is accusing Iran of hacking SMS service and sending out thousands of text messages calling for revenge over Quran burnings. The post Iran Was Behind Thousands of Text Messages Calling for Revenge Over Quran Burnings, Sweden Says appeared first on SecurityWeek. Read More
-

Transportation Companies Hit by Cyberattacks Using Lumma Stealer and NetSupport Malware [email protected] (The Hacker News)
Transportation and logistics companies in North America are the target of a new phishing campaign that delivers a variety of information stealers and remote access trojans (RATs). The activity cluster, per Proofpoint, makes use of compromised legitimate email accounts belonging to transportation and shipping companies so as to inject malicious content into existing email conversations.…
-

CISA Flags Critical Ivanti vTM Vulnerability Amid Active Exploitation Concerns [email protected] (The Hacker News)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting Ivanti Virtual Traffic Manager (vTM) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability in question is CVE-2024-7593 (CVSS score: 9.8), which could be exploited by a remote unauthenticated attacker to bypass theRead…
-
CrowdStrike Overhauls Testing and Rollout Procedures to Avoid System Crashes Ryan Naraine
CrowdStrike says it has revamped several testing, validation, and update rollout processes to prevent a repeat of the July BSOD incident. The post CrowdStrike Overhauls Testing and Rollout Procedures to Avoid System Crashes appeared first on SecurityWeek. Read More
-
Automatic Tank Gauges Used in Critical Infrastructure Plagued by Critical Vulnerabilities Eduard Kovacs
Bitsight finds critical vulnerabilities in several automatic tank gauge (ATG) products used in various critical infrastructure sectors. The post Automatic Tank Gauges Used in Critical Infrastructure Plagued by Critical Vulnerabilities appeared first on SecurityWeek. Read More
