SolarWinds addressed a critical remote code execution vulnerability, tracked as CVE-2024-28991, in Access Rights Manager.
The nation’s top cyber watchdogs urged federal agencies to either remove or upgrade an Ivanti appliance that is no longer being updated and has been exploited in attacks.
Radio Geretsried, a local station in Bavaria, said it was trying to save music files and restore systems after an apparent ransomware attack.
Affected users can try to claim up to $10,000 if the breach at 23andMe led to financial fraud or paying up for security or mental health services.
Beware before calling Apple for assistance as scammers are creating malicious ads and fake pages to lure you in.
Antivirus firm Dr.Web has flagged a type of Android malware known as Android.Vo1d that has infected about 1.3 million TV boxes across 197 countries.
The malware effectively enables a backdoor into the TV box's system that allows an attacker to download and install malicious third-party software. The R4 TV box model running Android 7.1.2, a TV Box running Android 12.1, and the KJ-SMART4KVIP TV box running Android 10.1 were the types of devices reportedly impacted.
U.K.'s National Crime Agency says it arrested a 17-year-old teenager who is suspected of being connected to the cyberattack on Transport for London, the city's public transportation agency.
I found a zero-click vulnerability in macOS Calendar, which allows an attacker to add or delete arbitrary files inside the Calendar sandbox environment. This could lead to many bad things including malicious code execution which can be combined with security protection evasion with Photos to compromise users’ sensitive Photos iCloud Photos data. Apple has fixed all of the vulnerabilities between October 2022 and September 2023.
With the US election on the horizon, it’s a good time to explore the concept of social media weaponization and its use in manipulating public opinion.
Apple said there’s “too significant a risk” of exposing the anti-exploit work needed to fend off the very adversaries involved in the case.
Quatre jeunes Suisses ont été arrêtés pour avoir tenté de faire chanter la Banque cantonale de Zurich (ZKB). Ils ont exigé des bitcoins d'une valeur de trois millions de francs, faute de quoi les données de clients de la banque seraient publiées.
A first in our telemetry: Chinese APT Stately Taurus uses Visual Studio Code to maintain a reverse shell in victims' environments for Southeast Asian espionage. A first in our telemetry: Chinese APT Stately Taurus uses Visual Studio Code to maintain a reverse shell in victims' environments for Southeast Asian espionage.
Hackers, fraudsters, and drug dealers are all leaving the platform in one way or another. Some are worried that Telegram may start providing user data to the authorities.
Kawasaki Motors Europe has announced that it's recovering from a cyberattack that caused service disruptions as the RansomHub ransomware gang threatens to leak stolen data.
At the start of September, Kawasaki Motors Europe, (KME) was the subject of a cyber-attack which, although not successful, resulted in the company’s servers being temporarily isolated until a strategic recovery plan was initiated later on the same day.
KME and its country Branches operate a large number of servers and, as a precaution, it was decided to isolate each one and put a cleansing process in place whereby all data was checked and any suspicious material identified and dealt with.
Data centres in the UK are to be classified as critical national infrastructure, joining the emergency services, finance and healthcare systems, and energy and water supplies.
It means they would get extra government support during a major incident, such as a cyber attack, an IT outage or extreme weather, in order to minimise disruption.
CVE-2024-29847 Ivanti Endpoint Manager AgentPortal Deserialization of Untrusted Data Remote Code Execution Vulnerability.
Transport for London's ongoing cyber incident has taken a dark turn as the organization confirmed that some data, including bank details, might have been accessed, and 30,000 employees' passwords will need to be reset via in-person appointments.
Overview While investigating CVE-2024-5932, a code injection vulnerability in the GiveWP WordPress plugin, our team encountered a malicious Proof of Concept (POC) targeting cybersecurity professionals. This has become a growing threat to cybersecurity professionals from […]
International cyber security giant Fortinet has disclosed that it has suffered a data breach.
