U.K.’s National Crime Agency says it arrested a 17-year-old teenager who is suspected of being connected to the cyberattack on Transport for London, the city’s public transportation agency. […]
Hackers targeting WhatsUp Gold with public exploit since August
Hackers have been leveraging publicly available exploit code for two critical vulnerabilities in the WhatsUp Gold network availability and performance monitoring solution from Progress Software. […]
New Android Malware ‘Ajina.Banker’ Steals Financial Data and Bypasses 2FA via Telegram
Bank customers in the Central Asia region have been targeted by a new strain of Android malware codenamed Ajina.Banker since at least November 2024 with the goal of harvesting financial information and intercepting two-factor authentication (2FA) messages.
Singapore-headquartered Group-IB, which discovered the threat in May 2024, said the malware is propagated via a network of Telegram channels
Singapore-headquartered Group-IB, which discovered the threat in May 2024, said the malware is propagated via a network of Telegram channels
New Chrome Features Protect Users Against Threats, Provide More Control Over Personal Data
Google is rolling out new features in Chrome to better protect users online and to improve their control over personal data.
The post New Chrome Features Protect Users Against Threats, Provide More Control Over Personal Data appeared first on SecurityWeek.
Urgent: GitLab Patches Critical Flaw Allowing Unauthorized Pipeline Job Execution
GitLab on Wednesday released security updates to address 17 security vulnerabilities, including a critical flaw that allows an attacker to run pipeline jobs as an arbitrary user.
The issue, tracked as CVE-2024-6678, carries a CVSS score of 9.9 out of a maximum of 10.0
“An issue was discovered in GitLab CE/EE affecting all versions starting from 8.14 prior to 17.1.7, starting from 17.2 prior to
The issue, tracked as CVE-2024-6678, carries a CVSS score of 9.9 out of a maximum of 10.0
“An issue was discovered in GitLab CE/EE affecting all versions starting from 8.14 prior to 17.1.7, starting from 17.2 prior to
Operant AI Lands $10M Investment to Boost Runtime Protection for Cloud and AI
Operant AI, a startup specializing in runtime protection for cloud applications, APIs, and AI systems, secures new $10 million investment.
The post Operant AI Lands $10M Investment to Boost Runtime Protection for Cloud and AI appeared first on SecurityWeek.
Transport for London confirms customer data stolen in cyberattack
Transport for London (TfL) has determined that the cyberattack on September 1 impacts customer data, including names, contact details, email addresses, and home addresses. […]
GitLab warns of critical pipeline execution vulnerability
GitLab has released critical updates to address multiple vulnerabilities, the most severe of them (CVE-2024-6678) allowing an attacker to trigger pipelines as arbitrary users under certain conditions. […]
Realm.Security Emerges From Stealth With $5 Million in Seed Funding
Realm.Security has emerged from stealth with $5 million in funding and a solution that helps organizations manage security data.
The post Realm.Security Emerges From Stealth With $5 Million in Seed Funding appeared first on SecurityWeek.
Beware: New Vo1d Malware Infects 1.3 Million Android TV Boxes Worldwide
Nearly 1.3 million Android-based TV boxes running outdated versions of the operating system and belonging to users spanning 197 countries have been infected by a new malware dubbed Vo1d (aka Void).
“It is a backdoor that puts its components in the system storage area and, when commanded by attackers, is capable of secretly downloading and installing third-party software,” Russian antivirus
“It is a backdoor that puts its components in the system storage area and, when commanded by attackers, is capable of secretly downloading and installing third-party software,” Russian antivirus