Category: Uncategorized
-
PKfail Vulnerability Allows Secure Boot Bypass on Hundreds of Computer Models Eduard Kovacs
A vulnerability dubbed PKfail can allow attackers to run malicious code during the boot process, which can be used to deliver UEFI bootkits. The post PKfail Vulnerability Allows Secure Boot Bypass on Hundreds of Computer Models appeared first on SecurityWeek. Read More
-
97% of Devices Disrupted by CrowdStrike Restored as Insurer Estimates Billions in Losses Eduard Kovacs
CrowdStrike says 97% of Windows systems impacted by its bad update are back online, just as an insurer predicts billions in losses for major companies. The post 97% of Devices Disrupted by CrowdStrike Restored as Insurer Estimates Billions in Losses appeared first on SecurityWeek. Read More
-

Ongoing Cyberattack Targets Exposed Selenium Grid Services for Crypto Mining [email protected] (The Hacker News)
Cybersecurity researchers are sounding the alarm over an ongoing campaign that’s leveraging internet-exposed Selenium Grid services for illicit cryptocurrency mining. Cloud security Wiz is tracking the activity under the name SeleniumGreed. The campaign, which is targeting older versions of Selenium (3.141.59 and prior), is believed to be underway since at least April 2023. “Unbeknownst to…
-

CrowdStrike Warns of New Phishing Scam Targeting German Customers [email protected] (The Hacker News)
CrowdStrike is alerting about an unfamiliar threat actor attempting to capitalize on the Falcon Sensor update fiasco to distribute dubious installers targeting German customers as part of a highly targeted campaign. The cybersecurity company said it identified what it described as an unattributed spear-phishing attempt on July 24, 2024, distributing an inauthentic CrowdStrike Crash ReporterRead…
-

Critical Flaw in Telerik Report Server Poses Remote Code Execution Risk [email protected] (The Hacker News)
Progress Software is urging users to update their Telerik Report Server instances following the discovery of a critical security flaw that could result in remote code execution. The vulnerability, tracked as CVE-2024-6327 (CVSS score: 9.9), impacts Report Server version 2024 Q2 (10.1.24.514) and earlier. “In Progress Telerik Report Server versions prior to 2024 Q2 (10.1.24.709),…
-
North Korean Charged in Ransomware Attacks on American Hospitals Associated Press
A man who allegedly carried out attacks for a North Korean military intelligence agency has been indicted in a conspiracy to hack healthcare firms, NASA, military bases and other entities. The post North Korean Charged in Ransomware Attacks on American Hospitals appeared first on SecurityWeek. Read More
-
Chainguard Raises $140 Million, Expands Tech to Secure AI Workloads Ryan Naraine
Software supply chain security startup Chainguard raises a $140 million Series C round that values the company at $1.2 billion. The post Chainguard Raises $140 Million, Expands Tech to Secure AI Workloads appeared first on SecurityWeek. Read More
-
An explanation of Flipper Zero
Post ContentRead More
-

North Korean Hackers Shift from Cyber Espionage to Ransomware Attacks [email protected] (The Hacker News)
A North Korea-linked threat actor known for its cyber espionage operations has gradually expanded into financially-motivated attacks that involve the deployment of ransomware, setting it apart from other nation-state hacking groups linked to the country. Google-owned Mandiant is tracking the activity cluster under a new moniker APT45, which overlaps with names such as Andariel, Nickel…
-
BIND Updates Resolve High-Severity DoS Vulnerabilities Ionut Arghire
The latest BIND security updates address remotely exploitable vulnerabilities leading to denial-of-service. The post BIND Updates Resolve High-Severity DoS Vulnerabilities appeared first on SecurityWeek. Read More
