Google Patches Fourth Chrome Zero-Day in Two Weeks (www.securityweek.com)
Remember IE5 days? ;)
Llama Drama: Critical Flaw in AI Python Package Can Lead to System and Data Compromise (CVE-2024-34359) (www.securityweek.com)
Third Chrome Zero-Day Patched by Google Within One Week (www.securityweek.com)
Google releases Chrome 125 to the stable channel with patches for nine vulnerabilities, including a zero-day.
MITRE Hack: China-Linked Group Breached Systems in December 2023 (www.securityweek.com)
MITRE has shared more details on the recently disclosed hack, including the new malware involved in the attack, attribution information, and a timeline of the attacker’s activities.
Vulnerabilities Expose Brocade SAN Appliances, Switches to Hacking (www.securityweek.com)
Microsoft DRM Hack Could Allow Movie Downloads From Popular Streaming Services (www.securityweek.com)
Microsoft DRM Hack Could Allow Movie Downloads From Popular Streaming Services (www.securityweek.com)
Recompensa de 10 millones de dólares por piratas informáticos iraníes por ataques cibernéticos contra el gobierno de EE.UU. y contratistas de defensa (www.securityweek.com) Spanish
#Tierrasapiens #es #Noticias #Actualidad #Informacion #Mundo #Sociedad #Interes #Ciencias #Cibernoticias #Tecnologia y+ para #Hispanoparlantes
Palo Alto Networks Patches Vulnerabilities Allowing Firewall Disruption (www.securityweek.com)
CVE-2024-3385: High-severity vulnerability that allows a remote and unauthenticated attacker to reboot hardware-based firewalls by sending specially crafted packets. If repeated, the attacks can force the firewall into maintenance mode, requiring manual intervention for reactivation. It only affects PA-5400 and PA-7000 firewalls...
Fortinet Patches Critical RCE Vulnerability in FortiClientLinux (www.securityweek.com)
Firebase leaks datas (www.securityweek.com)
Hundreds of websites misconfigured Google Firebase, leaking more than 125 million user records, including plaintext passwords, security researchers warn....
Major CPU, Software Vendors Impacted by New GhostRace Attack (www.securityweek.com)
The French Government Says It’s Being Targeted by Unusual Intense Cyberattacks (www.securityweek.com)
French Government Services Hit by Intense Cyberattacks: Anonymous Sudan Claims Responsibility for the Denial-of-Service Assaults with Significant Online Disruption
Cisco Patches High-Severity Vulnerabilities in VPN Product (www.securityweek.com)
Windows Zero-Day Exploited by North Korean Hackers in Rootkit Attack (www.securityweek.com)
Security firm Avast observed attacks last year and developed a proof-of-concept (PoC) exploit and sent it to Microsoft in August 2023. It took Microsoft six months to make a patch (until February 2024) and didn’t mark it as a zero day in Microsoft Vulnerability Management.
Tor Code Audit Finds 17 Vulnerabilities (www.securityweek.com)
:/
US Disrupted Chinese Hacking Operation Aimed at Critical Infrastructure: Report (www.securityweek.com)
US government reportedly disabled parts of a botnet-powered cyber campaign conducted by the Chinese threat actor Volt Typhoon.
US Disrupted Chinese Hacking Operation Aimed at Critical Infrastructure: Report (www.securityweek.com)
US government reportedly disabled parts of a botnet-powered cyber campaign conducted by the Chinese threat actor Volt Typhoon.
Cyber Attack disrupt First American and subsidies. (www.securityweek.com)
I’m hearing its more than just first American
SMTP Smuggling Allows Spoofed Emails to Bypass Authentication Protocols (www.securityweek.com)
A new attack technique named SMTP Smuggling can allow malicious actors to send out spoofed emails that bypass authentication mechanisms.
LogoFAIL - A malicious attack that uses the company branding on boot to run deep code that Secure Boot and Operating Systems can't detect (www.securityweek.com)
Firmware security company Binarly on Wednesday disclosed the details of an attack method that can be used to compromise many consumer and enterprise devices by leveraging malicious UEFI logo images....
Cyberattack Disrupts Ace Hardware’s Operations (www.securityweek.com)
Cyberattack cripples Ace Hardware’s internal systems, resulting in shipment delays, suspended online orders.
Philippine Military Ordered to Stop Using Artificial Intelligence Apps Due to Security Risks (www.securityweek.com)
Microsoft Fixes Exploited Zero-Days in WordPad, Skype for Business (www.securityweek.com)
