New attacks attributed to China-based cyber espionage group Mustang Panda show that the threat actor switched to new strategies and malware called FDMTP and PTSOCKET to download payloads and steal information from breached networks. […]
Highline Public Schools closes schools following cyberattack
Highline Public Schools, a K-12 district in Washington state, has shut down all schools and canceled school activities after its technology systems were compromised in a cyberattack. […]
Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws
Google’s adoption of memory safe programming languages now includes the deployment of Rust in legacy low-level firmware codebases.
The post Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws appeared first on SecurityWeek.
Meta fixes easily bypassed WhatsApp ‘View Once’ privacy feature
A privacy flaw in WhatsApp, an instant messenger with over 2 billion users worldwide, is being exploited by attackers to bypass the app’s “View once” feature and view messages again. […]
New RAMBO Attack Uses RAM Radio Signals to Steal Data from Air-Gapped Networks
A novel side-channel attack has been found to leverage radio signals emanated by a device’s random access memory (RAM) as a data exfiltration mechanism, posing a threat to air-gapped networks.
The technique has been codenamed RAMBO by Dr. Mordechai Guri, the head of the Offensive Cyber Research Lab in the Department of Software and Information Systems Engineering at the Ben Gurion University of
The technique has been codenamed RAMBO by Dr. Mordechai Guri, the head of the Offensive Cyber Research Lab in the Department of Software and Information Systems Engineering at the Ben Gurion University of
Payment gateway data breach affects 1.7 million credit card owners
Payment gateway provider Slim CD has disclosed a data breach that compromised credit card and personal data belonging to almost 1.7 million individuals. […]
300,000 Impacted by Data Breach at Car Rental Firm Avis
Avis Car Rental is notifying roughly 300,000 individuals that their personal information was stolen in an August 2024 data breach.
The post 300,000 Impacted by Data Breach at Car Rental Firm Avis appeared first on SecurityWeek.
How to defend against brute force and password spray attacks
While not very sophisticated, brute force password attacks pose a significant threat to an organization’s security. Learn more from Specops Software about these types of attacks and how to defend against them. […]
Two Indicted in US for Running Dark Web Marketplaces Offering Stolen Information
A Kazakhstani and a Russian national were indicted in the US for operating dark web sites facilitating PII, card, and banking information trading.
The post Two Indicted in US for Running Dark Web Marketplaces Offering Stolen Information appeared first on SecurityWeek.
One More Tool Will Do It? Reflecting on the CrowdStrike Fallout
The proliferation of cybersecurity tools has created an illusion of security. Organizations often believe that by deploying a firewall, antivirus software, intrusion detection systems, identity threat detection and response, and other tools, they are adequately protected. However, this approach not only fails to address the fundamental issue of the attack surface but also introduces dangerous