Category: Uncategorized
-

Cisco Warns of Critical Flaw Affecting On-Prem Smart Software Manager [email protected] (The Hacker News)
Cisco has released patches to address a maximum-severity security flaw impacting Smart Software Manager On-Prem (Cisco SSM On-Prem) that could enable a remote, unauthenticated attacker to change the password of any users, including those belonging to administrative users. The vulnerability, tracked as CVE-2024-20419, carries a CVSS score of 10.0. “This vulnerability is due to improperRead…
-
SolarWinds Serv-U Information Disclosure Vulnerability (CVE-2024-28995)
What is the Vulnerability?A Directory Traversal Vulnerability in SolarWinds Serv-U software is being actively exploited in the wild. Tracked as CVE-2024-28995, the vulnerability is due to improper validation of the user-supplied inputs. An attacker could exploit this vulnerability by sending crafted requests to the target host machine. Successful exploitation could allow access to read sensitive…
-
Atlassian Patches High-Severity Vulnerabilities in Bamboo, Confluence, Jira Ionut Arghire
Atlassian releases security-themed updates to fix several high-severity vulnerabilities in its Bamboo, Confluence and Jira products. The post Atlassian Patches High-Severity Vulnerabilities in Bamboo, Confluence, Jira appeared first on SecurityWeek. Read More
-

North Korean Hackers Update BeaverTail Malware to Target MacOS Users [email protected] (The Hacker News)
Cybersecurity researchers have discovered an updated variant of a known stealer malware that attackers affiliated with the Democratic People’s Republic of Korea (DPRK) have delivered as part of prior cyber espionage campaigns targeting job seekers. The artifact in question is an Apple macOS disk image (DMG) file named “MiroTalk.dmg” that mimics the legitimate video call…
-
Pindrop Security Raises $100 Million to Expand Deepfake Detection Technology Kevin Townsend
The additional funds will be used to further the development of new tools to counter the expanding threat of AI-generated voice deepfakes. The post Pindrop Security Raises $100 Million to Expand Deepfake Detection Technology appeared first on SecurityWeek. Read More
-
Ransomware Attack Disrupts Bassett Furniture Manufacturing Facilities Eduard Kovacs
Furniture manufacturer Bassett Furniture was recently targeted in a ransomware attack that resulted in a shutdown of manufacturing facilities. The post Ransomware Attack Disrupts Bassett Furniture Manufacturing Facilities appeared first on SecurityWeek. Read More
-
Interpol Arrests 300 People in a Global Crackdown on West African Crime Groups Across 5 Continents Associated Press
Interpol arrests 300 people in a global crackdown on West African crime groups specializing in online financial fraud. The post Interpol Arrests 300 People in a Global Crackdown on West African Crime Groups Across 5 Continents appeared first on SecurityWeek. Read More
-

Navigating Insider Risks: Are your Employees Enabling External Threats? [email protected] (The Hacker News)
Attacks on your network are often meticulously planned operations launched by sophisticated threats. Sometimes your technical fortifications provide a formidable challenge, and the attack requires assistance from the inside to succeed. For example, in 2022, the FBI issued a warning1 that SIM swap attacks are growing: gain control of the phone and earn a gateway…
-
MNGI Digestive Health Data Breach Impacts 765,000 Individuals Ionut Arghire
MNGI Digestive Health tells the Maine AGO that hackers accessed the personal information of 765,000 individuals. The post MNGI Digestive Health Data Breach Impacts 765,000 Individuals appeared first on SecurityWeek. Read More
-
Apache HugeGraph Vulnerability Exploited in Wild Eduard Kovacs
A recently patched Apache HugeGraph-Server vulnerability tracked as CVE-2024-27348 is being targeted in attacks. The post Apache HugeGraph Vulnerability Exploited in Wild appeared first on SecurityWeek. Read More
