Category: Uncategorized
-

Juniper Networks Releases Critical Security Update for Routers [email protected] (The Hacker News)
Juniper Networks has released out-of-band security updates to address a critical security flaw that could lead to an authentication bypass in some of its routers. The vulnerability, tracked as CVE-2024-2973, carries a CVSS score of 10.0, indicating maximum severity. “An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router…
-

Google to Block Entrust Certificates in Chrome Starting November 2024 [email protected] (The Hacker News)
Google has announced that it’s going to start blocking websites that use certificates from Entrust starting around November 1, 2024, in its Chrome browser, citing compliance failures and the certificate authority’s inability to address security issues in a timely manner. “Over the past several years, publicly disclosed incident reports highlighted a pattern of concerning behaviors…
-
Brain Cipher Ransomware Attack
What is the attack?A significant ransomware attack has struck Pusat Data Nasional (PDN), one of Indonesia’s government-owned national data centers. This incident involved threat actors encrypting government data, which disrupted digital services for immigration, airport checks, and several public services. This ransomware attack represents a new variant of the LockBit 3.0 ransomware. In 2023, the…
-
Microsoft Alerts More Customers to Email Theft in Expanding Midnight Blizzard Hack Ryan Naraine
Shockwaves from the Russian government’s hack of Microsoft’s corporate infrastructure continue to spread as the victim pool widens. The post Microsoft Alerts More Customers to Email Theft in Expanding Midnight Blizzard Hack appeared first on SecurityWeek. Read More
-

Kimsuky Using TRANSLATEXT Chrome Extension to Steal Sensitive Data [email protected] (The Hacker News)
The North Korea-linked threat actor known as Kimsuky has been linked to the use of a new malicious Google Chrome extension that’s designed to steal sensitive information as part of an ongoing intelligence collection effort. Zscaler ThreatLabz, which observed the activity in early March 2024, has codenamed the extension TRANSLATEXT, highlighting its ability to gather…
-

GitLab Releases Patch for Critical CI/CD Pipeline Vulnerability and 13 Others [email protected] (The Hacker News)
GitLab has released security updates to address 14 security flaws, including one critical vulnerability that could be exploited to run continuous integration and continuous deployment (CI/CD) pipelines as any user. The weaknesses, which affect GitLab Community Edition (CE) and Enterprise Edition (EE), have been addressed in versions 17.1.1, 17.0.3, and 16.11.5. The most severe of…
-
GetReal Labs Emerges From Stealth to Tackle Deepfakes Ionut Arghire
Incubated for two years by Ballistic Ventures, GetReal Labs has launched to combat manipulated content and deepfakes. The post GetReal Labs Emerges From Stealth to Tackle Deepfakes appeared first on SecurityWeek. Read More
-
AuthZed Raises $12 Million for Permissions Management Technology Ionut Arghire
Permissions management technology startup AuthZed has raised $12 million in a Series A funding round led by General Catalyst. The post AuthZed Raises $12 Million for Permissions Management Technology appeared first on SecurityWeek. Read More
-
TeamViewer breached by Russian state actor Midnight Blizzard
Post ContentRead More
-
In Other News: Malware Delivered by ISP, Temu Spying, Critical Dataverse Vulnerability SecurityWeek News
Noteworthy stories that might have slipped under the radar: Korean ISP delivers malware to customers, Temu sued for allegedly spying on users, Microsoft patches a critical Dataverse vulnerability. The post In Other News: Malware Delivered by ISP, Temu Spying, Critical Dataverse Vulnerability appeared first on SecurityWeek. Read More
