The FBI warns of North Korean threat actors conducting social engineering campaigns targeting employees in the cryptocurrency industry.
The post FBI: North Korea Aggressively Hacking Cryptocurrency Firms appeared first on SecurityWeek.
Crypto Vulnerability Allows Cloning of YubiKey Security Keys
YubiKey security keys can be cloned via a side-channel attack that leverages a vulnerability in a cryptographic library.
The post Crypto Vulnerability Allows Cloning of YubiKey Security Keys appeared first on SecurityWeek.
The New Effective Way to Prevent Account Takeovers
Account takeover attacks have emerged as one of the most persistent and damaging threats to cloud-based SaaS environments. Yet despite significant investments in traditional security measures, many organizations continue to struggle with preventing these attacks. A new report, “Why Account Takeover Attacks Still Succeed, and Why the Browser is Your Secret Weapon in Stopping Them” argues that the
Zyxel Patches Critical Vulnerabilities in Networking Devices
Zyxel has released patches for multiple vulnerabilities in its networking devices, including a critical flaw impacting access points and security routers.
The post Zyxel Patches Critical Vulnerabilities in Networking Devices appeared first on SecurityWeek.
White House Outlines Plan for Addressing BGP Vulnerabilities
The White House has released a roadmap for addressing internet routing (BGP) security issues, mainly through RPKI adoption.
The post White House Outlines Plan for Addressing BGP Vulnerabilities appeared first on SecurityWeek.
D-Link Warns of Code Execution Flaws in Discontinued Router Model
D-Link warns of multiple remote code execution vulnerabilities impacting its discontinued DIR-846 router model.
The post D-Link Warns of Code Execution Flaws in Discontinued Router Model appeared first on SecurityWeek.
Android’s September 2024 Update Patches Exploited Vulnerability
Google has released Android security updates to patch an exploited local privilege escalation vulnerability.
The post Android’s September 2024 Update Patches Exploited Vulnerability appeared first on SecurityWeek.
Clearview AI Faces €30.5M Fine for Building Illegal Facial Recognition Database
The Dutch Data Protection Authority (Dutch DPA) has imposed a fine of €30.5 million ($33.7 million) against facial recognition firm Clearview AI for violating the General Data Protection Regulation (GDPR) in the European Union (E.U.) by building an “illegal database with billions of photos of faces,” including those of Dutch citizens.
“Facial recognition is a highly intrusive technology that you
“Facial recognition is a highly intrusive technology that you
Hackers Use Fake GlobalProtect VPN Software in New WikiLoader Malware Attack
A new malware campaign is spoofing Palo Alto Networks’ GlobalProtect VPN software to deliver a variant of the WikiLoader (aka WailingCrab) loader by means of a search engine optimization (SEO) campaign.
The malvertising activity, observed in June 2024, is a departure from previously observed tactics wherein the malware has been propagated via traditional phishing emails, Unit 42 researchers
FTC: Over $110 million lost to Bitcoin ATM scams in 2023
The U.S. Federal Trade Commission (FTC) has reported a massive increase in losses to Bitcoin ATM scams, nearly ten times the amount from 2020 and reaching over $110 million in 2023. […]