The vulnerabilities, patched in OpenVPN 2.6.10, expose users on the Windows platform to remote code execution attacks.
The post Microsoft Warns of OpenVPN Vulnerabilities, Potential for Exploit Chains appeared first on SecurityWeek.
Russia Blocks Signal Messaging App as Authorities Tighten Control Over Information
Signal uses end-to-end encryption, making it difficult for the Russian government to intercept communications.
The post Russia Blocks Signal Messaging App as Authorities Tighten Control Over Information appeared first on SecurityWeek.
Criminal IP and Maltego Join Forces for Enhanced Cyber Threat Search
AI SPERA announced today that its IP address intelligence engine, Criminal IP, can now be integrated with Maltego’s unified user interface and is available on the Maltego’s marketplace, […]
200k Impacted by East Valley Institute of Technology Data Breach
The personal and health information of students, staff, faculty, and parents was compromised in a data breach at East Valley Institute of Technology.
The post 200k Impacted by East Valley Institute of Technology Data Breach appeared first on SecurityWeek.
Black Hat USA 2024 – Summary of Vendor Announcements
Hundreds of companies and organizations showcased their products and services last week at the 2024 edition of the Black Hat conference in Las Vegas.
The post Black Hat USA 2024 – Summary of Vendor Announcements appeared first on SecurityWeek.
How Phishing Attacks Adapt Quickly to Capitalize on Current Events
In 2023, no fewer than 94 percent of businesses were impacted by phishing attacks, a 40 percent increase compared to the previous year, according to research from Egress.
What’s behind the surge in phishing? One popular answer is AI – particularly generative AI, which has made it trivially easier for threat actors to craft content that they can use in phishing campaigns, like malicious emails
What’s behind the surge in phishing? One popular answer is AI – particularly generative AI, which has made it trivially easier for threat actors to craft content that they can use in phishing campaigns, like malicious emails
Bipartisan Bill to Tighten Vulnerability Disclosure Rules for Federal Contractors
The Federal Contractor Cybersecurity Vulnerability Reduction Act of 2024 would require federal contractors to adhere to NIST’s vulnerability disclosure guidelines.
The post Bipartisan Bill to Tighten Vulnerability Disclosure Rules for Federal Contractors appeared first on SecurityWeek.
Researchers Uncover Vulnerabilities in Solarman and Deye Solar Systems
Cybersecurity researchers have identified a number of security shortcomings in photovoltaic system management platforms operated by Chinese companies Solarman and Deye that could enable malicious actors to cause disruption and power blackouts.
“If exploited, these vulnerabilities could allow an attacker to control inverter settings that could take parts of the grid down, potentially causing
“If exploited, these vulnerabilities could allow an attacker to control inverter settings that could take parts of the grid down, potentially causing
The AI Hangover is Here – The End of the Beginning
After a good year of sustained exuberance, the hangover is finally here. It’s a gentle one (for now), as the market corrects the share price of the major players (like Nvidia, Microsoft, and Google), while other players reassess the market and adjust priorities. Gartner calls it the trough of disillusionment, when interest wanes and implementations fail to deliver the promised breakthroughs.
FreeBSD Releases Urgent Patch for High-Severity OpenSSH Vulnerability
The maintainers of the FreeBSD Project have released security updates to address a high-severity flaw in OpenSSH that attackers could potentially exploit to execute arbitrary code remotely with elevated privileges.
The vulnerability, tracked as CVE-2024-7589, carries a CVSS score of 7.4 out of a maximum of 10.0, indicating high severity.
“A signal handler in sshd(8) may call a logging function
The vulnerability, tracked as CVE-2024-7589, carries a CVSS score of 7.4 out of a maximum of 10.0, indicating high severity.
“A signal handler in sshd(8) may call a logging function