September 2024 – Page 5

Critical Linux CUPS Printing System Flaws Could Allow Remote Command Execution

A new set of security vulnerabilities has been disclosed in the OpenPrinting Common Unix Printing System (CUPS) on Linux systems that could permit remote command execution under certain conditions.
“A remote unauthenticated attacker can silently replace existing printers’ (or install new ones) IPP urls with a malicious one, resulting in arbitrary command execution (on the computer) when a print

Progress urges admins to patch critical WhatsUp Gold bugs ASAP

Progress Software warned customers to patch multiple critical and high-severity vulnerabilities in its WhatsUp Gold network monitoring tool as soon as possible. […]

Sophistication of AI-Backed Operation Targeting Senator Points to Future of Deepfake Schemes

Experts believe schemes like this will become more common now that the technical barriers that once existed around generative artificial intelligence have decreased.

The post Sophistication of AI-Backed Operation Targeting Senator Points to Future of Deepfake Schemes appeared first on SecurityWeek.

Tor Merges With Security-Focused OS Tails

The Tor Project announced that it has merged operations with the security-focused operating system Tails.

The post Tor Merges With Security-Focused OS Tails appeared first on SecurityWeek.

How to Plan and Prepare for Penetration Testing

As security technology and threat awareness among organizations improves so do the adversaries who are adopting and relying on new techniques to maximize speed and impact while evading detection.
Ransomware and malware continue to be the method of choice by big game hunting (BGH) cyber criminals, and the increased use of hands-on or “interactive intrusion” techniques is especially alarming.

Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks

The threat actor known as Storm-0501 has targeted government, manufacturing, transportation, and law enforcement sectors in the U.S. to stage ransomware attacks.
The multi-stage attack campaign is designed to compromise hybrid cloud environments and perform lateral movement from on-premises to cloud environment, ultimately resulting in data exfiltration, credential theft, tampering, persistent

Windows 11 KB5043145 update released with 13 changes and fixes

Microsoft released the September 2024 preview update (KB5043145) for Windows 11 23H2 and 22H2, with 13 improvements and fixes for multiple issues, including Edge and task manager freezes. […]

Millions of Kia Cars Were Vulnerable to Remote Hacking: Researchers

Security researchers detail vulnerabilities in Kia owners’ portal that allowed them to control vehicles remotely.

The post Millions of Kia Cars Were Vulnerable to Remote Hacking: Researchers appeared first on SecurityWeek.

Kaspersky, Pango Respond to User Backlash as Transition to UltraAV Nearly Complete

Users continue to flame Kaspersky and Pango Group as the automatic, forced transition to UltraAV gradually progresses.

The post Kaspersky, Pango Respond to User Backlash as Transition to UltraAV Nearly Complete appeared first on SecurityWeek.

Highly Anticipated Linux Flaw Allows Remote Code Execution, but Less Serious Than Expected

A researcher has disclosed the details of an unpatched vulnerability that was expected to pose a serious threat to many Linux systems.

The post Highly Anticipated Linux Flaw Allows Remote Code Execution, but Less Serious Than Expected appeared first on SecurityWeek.

Month: September 2024