Category: Uncategorized
-
AMD Investigating Breach Claims After Hacker Offers to Sell Data Eduard Kovacs
AMD has launched an investigation after a notorious hacker announced selling sensitive data allegedly belonging to the company. The post AMD Investigating Breach Claims After Hacker Offers to Sell Data appeared first on SecurityWeek. Read More
-

Mailcow Mail Server Flaws Expose Servers to Remote Code Execution [email protected] (The Hacker News)
Two security vulnerabilities have been disclosed in the Mailcow open-source mail server suite that could be exploited by malicious actors to achieve arbitrary code execution on susceptible instances. Both shortcomings impact all versions of the software prior to version 2024-04, which was released on April 4, 2024. The issues were responsibly disclosed by SonarSource on…
-

Signal Foundation Warns Against EU’s Plan to Scan Private Messages for CSAM [email protected] (The Hacker News)
A controversial proposal put forth by the European Union to scan users’ private messages for detection child sexual abuse material (CSAM) poses severe risks to end-to-end encryption (E2EE), warned Meredith Whittaker, president of the Signal Foundation, which maintains the privacy-focused messaging service of the same name. “Mandating mass scanning of private communications fundamentallyRead More
-
Two Men Plead Guilty to Hacking Law Enforcement Database for Doxing Ionut Arghire
Sagar Steven Singh and Nicholas Ceraolo pleaded guilty to hacking a database maintained by a US federal law enforcement agency. The post Two Men Plead Guilty to Hacking Law Enforcement Database for Doxing appeared first on SecurityWeek. Read More
-

Cybercriminals Exploit Free Software Lures to Deploy Hijack Loader and Vidar Stealer [email protected] (The Hacker News)
Threat actors are luring unsuspecting users with free or pirated versions of commercial software to deliver a malware loader called Hijack Loader, which then deploys an information stealer known as Vidar Stealer. “Adversaries had managed to trick users into downloading password-protected archive files containing trojanized copies of a Cisco Webex Meetings App (ptService.exe),” Trellix securityRead…
-
New BadSpace Backdoor Deployed in Drive-By Attacks Ionut Arghire
The BadSpace backdoor is being distributed via drive-by attacks involving infected websites and JavaScript downloaders. The post New BadSpace Backdoor Deployed in Drive-By Attacks appeared first on SecurityWeek. Read More
-
Non-human Identity Lifecycle Firm Entro Security Raises $18 Million Kevin Townsend
Entro’s platform is designed to bring order to the increasingly chaotic management of non-human identities. The post Non-human Identity Lifecycle Firm Entro Security Raises $18 Million appeared first on SecurityWeek. Read More
-
New TikTag Attack Targets Arm CPU Security Feature Eduard Kovacs
Researchers have targeted the MTE security feature in Arm CPUs and showed how attackers could bypass protections. The post New TikTag Attack Targets Arm CPU Security Feature appeared first on SecurityWeek. Read More
-

The Annual SaaS Security Report: 2025 CISO Plans and Priorities [email protected] (The Hacker News)
Seventy percent of enterprises are prioritizing investment in SaaS security by establishing dedicated teams to secure SaaS applications, as part of a growing trend of maturity in this field of cybersecurity, according to a new survey released this month by the Cloud Security Alliance (CSA). Despite economic instability and major job cuts in 2023, organizations…
-
Chinese Hackers Leveraged Legacy F5 BIG-IP Appliance for Persistence Ionut Arghire
China-linked threat actor Velvet Ant leveraged a legacy F5 BIG-IP appliance for three-year access to a victim’s network. The post Chinese Hackers Leveraged Legacy F5 BIG-IP Appliance for Persistence appeared first on SecurityWeek. Read More
