securityweek.com

MITRE Hack: China-Linked Group Breached Systems in December 2023 (www.securityweek.com)

MITRE has shared more details on the recently disclosed hack, including the new malware involved in the attack, attribution information, and a timeline of the attacker’s activities.

Vulnerabilities Expose Brocade SAN Appliances, Switches to Hacking (www.securityweek.com)

Microsoft DRM Hack Could Allow Movie Downloads From Popular Streaming Services (www.securityweek.com)

Microsoft DRM Hack Could Allow Movie Downloads From Popular Streaming Services (www.securityweek.com)

Recompensa de 10 millones de dólares por piratas informáticos iraníes por ataques cibernéticos contra el gobierno de EE.UU. y contratistas de defensa (www.securityweek.com) Spanish

#Tierrasapiens #es #Noticias #Actualidad #Informacion #Mundo #Sociedad #Interes #Ciencias #Cibernoticias #Tecnologia y+ para #Hispanoparlantes

Fortinet Patches Critical RCE Vulnerability in FortiClientLinux (www.securityweek.com)

Palo Alto Networks Patches Vulnerabilities Allowing Firewall Disruption (www.securityweek.com)

CVE-2024-3385: High-severity vulnerability that allows a remote and unauthenticated attacker to reboot hardware-based firewalls by sending specially crafted packets. If repeated, the attacks can force the firewall into maintenance mode, requiring manual intervention for reactivation. It only affects PA-5400 and PA-7000 firewalls...

Firebase leaks datas (www.securityweek.com)

Hundreds of websites misconfigured Google Firebase, leaking more than 125 million user records, including plaintext passwords, security researchers warn....

Major CPU, Software Vendors Impacted by New GhostRace Attack (www.securityweek.com)

The French Government Says It’s Being Targeted by Unusual Intense Cyberattacks (www.securityweek.com)

French Government Services Hit by Intense Cyberattacks: Anonymous Sudan Claims Responsibility for the Denial-of-Service Assaults with Significant Online Disruption

Cisco Patches High-Severity Vulnerabilities in VPN Product (www.securityweek.com)

US Disrupted Chinese Hacking Operation Aimed at Critical Infrastructure: Report (www.securityweek.com)

US government reportedly disabled parts of a botnet-powered cyber campaign conducted by the Chinese threat actor Volt Typhoon.

US Disrupted Chinese Hacking Operation Aimed at Critical Infrastructure: Report (www.securityweek.com)

US government reportedly disabled parts of a botnet-powered cyber campaign conducted by the Chinese threat actor Volt Typhoon.

Tor Code Audit Finds 17 Vulnerabilities (www.securityweek.com)

:/

Cyber Attack disrupt First American and subsidies. (www.securityweek.com)

I’m hearing its more than just first American

SMTP Smuggling Allows Spoofed Emails to Bypass Authentication Protocols (www.securityweek.com)

A new attack technique named SMTP Smuggling can allow malicious actors to send out spoofed emails that bypass authentication mechanisms.

LogoFAIL - A malicious attack that uses the company branding on boot to run deep code that Secure Boot and Operating Systems can't detect (www.securityweek.com)

Firmware security company Binarly on Wednesday disclosed the details of an attack method that can be used to compromise many consumer and enterprise devices by leveraging malicious UEFI logo images....

Hot

MITRE Hack: China-Linked Group Breached Systems in December 2023 (www.securityweek.com)

Vulnerabilities Expose Brocade SAN Appliances, Switches to Hacking (www.securityweek.com)

Microsoft DRM Hack Could Allow Movie Downloads From Popular Streaming Services (www.securityweek.com)

Microsoft DRM Hack Could Allow Movie Downloads From Popular Streaming Services (www.securityweek.com)

Recompensa de 10 millones de dólares por piratas informáticos iraníes por ataques cibernéticos contra el gobierno de EE.UU. y contratistas de defensa (www.securityweek.com) Spanish

Fortinet Patches Critical RCE Vulnerability in FortiClientLinux (www.securityweek.com)

Palo Alto Networks Patches Vulnerabilities Allowing Firewall Disruption (www.securityweek.com)

Firebase leaks datas (www.securityweek.com)

Major CPU, Software Vendors Impacted by New GhostRace Attack (www.securityweek.com)

The French Government Says It’s Being Targeted by Unusual Intense Cyberattacks (www.securityweek.com)

Cisco Patches High-Severity Vulnerabilities in VPN Product (www.securityweek.com)

US Disrupted Chinese Hacking Operation Aimed at Critical Infrastructure: Report (www.securityweek.com)

US Disrupted Chinese Hacking Operation Aimed at Critical Infrastructure: Report (www.securityweek.com)

Tor Code Audit Finds 17 Vulnerabilities (www.securityweek.com)

Cyber Attack disrupt First American and subsidies. (www.securityweek.com)

SMTP Smuggling Allows Spoofed Emails to Bypass Authentication Protocols (www.securityweek.com)

LogoFAIL - A malicious attack that uses the company branding on boot to run deep code that Secure Boot and Operating Systems can't detect (www.securityweek.com)

Cyberattack Disrupts Ace Hardware’s Operations (www.securityweek.com)

Philippine Military Ordered to Stop Using Artificial Intelligence Apps Due to Security Risks (www.securityweek.com)

Microsoft Fixes Exploited Zero-Days in WordPad, Skype for Business (www.securityweek.com)

National Security Agency is Starting an Artificial Intelligence Security Center (www.securityweek.com)

Kevin Mitnick has died at age 59 (www.securityweek.com)

US Military Personnel Receiving Unsolicited, Suspicious Smartwatches (www.securityweek.com)

DOJ Launches Cyber Unit to Prosecute Nation-State Threat Actors (www.securityweek.com)

Critical FortiGate SSL VPN Vulnerability (www.securityweek.com)