A new zero-day vulnerability has been discovered that allows attackers to capture NTLM credentials by simply tricking the target into viewing a malicious file in Windows Explorer. […]
FSB Uses Trojan App to Monitor Russian Programmer Accused of Supporting Ukraine
A Russian programmer accused of donating money to Ukraine had his Android device secretly implanted with spyware by the Federal Security Service (FSB) after he was detained earlier this year.
The findings come as part of a collaborative investigation by First Department and the University of Toronto’s Citizen Lab.
“The spyware placed on his device allows the operator to track a target device’s
The findings come as part of a collaborative investigation by First Department and the University of Toronto’s Citizen Lab.
“The spyware placed on his device allows the operator to track a target device’s
In Other News: Cloudflare Abuse, UK and EU Cybersecurity Reports, FBI Gen-AI Alert
Noteworthy stories that might have slipped under the radar: ENISA and NCSC release cybersecurity reports, abuse of Cloudflare services, FBI warns of gen-AI enabling fraud.
The post In Other News: Cloudflare Abuse, UK and EU Cybersecurity Reports, FBI Gen-AI Alert appeared first on SecurityWeek.
Ethyca Raises $10 Million for Data Privacy Platform
Data privacy solutions provider Ethyca has raised $10 million in a funding round led by Aspenwood Ventures and AVP.
The post Ethyca Raises $10 Million for Data Privacy Platform appeared first on SecurityWeek.
SonicWall Patches 6 Vulnerabilities in Secure Access Gateway
SonicWall has released patches for multiple high-severity flaws in the SMA100 SSL-VPN secure access gateway.
The post SonicWall Patches 6 Vulnerabilities in Secure Access Gateway appeared first on SecurityWeek.
Atrium Health Data Breach Impacts 585,000 People
Atrium Health has notified the HHS of a data breach impacting 585,000 individuals, and the incident may be related to online tracking.
The post Atrium Health Data Breach Impacts 585,000 People appeared first on SecurityWeek.
Google Open Sources Security Patch Validation Tool for Android
Google has announced the open source availability of Vanir, a patch validation tool for Android platform developers.
The post Google Open Sources Security Patch Validation Tool for Android appeared first on SecurityWeek.
PoC Exploit Published for Unpatched Mitel MiCollab Vulnerability
WatchTowr has published proof-of-concept (PoC) code for an unpatched vulnerability in the Mitel MiCollab enterprise collaboration platform.
The post PoC Exploit Published for Unpatched Mitel MiCollab Vulnerability appeared first on SecurityWeek.
Researchers Uncover Flaws in Popular Open-Source Machine Learning Frameworks
Cybersecurity researchers have disclosed multiple security flaws impacting open-source machine learning (ML) tools and frameworks such as MLflow, H2O, PyTorch, and MLeap that could pave the way for code execution.
The vulnerabilities, discovered by JFrog, are part of a broader collection of 22 security shortcomings the supply chain security company first disclosed last month.
Unlike the first
The vulnerabilities, discovered by JFrog, are part of a broader collection of 22 security shortcomings the supply chain security company first disclosed last month.
Unlike the first
Recently Charged Scattered Spider Suspect Did Poor Job at Covering Tracks
A California teen suspected of being a Scattered Spider member left a long trail of evidence and even used an FBI service to launder money.
The post Recently Charged Scattered Spider Suspect Did Poor Job at Covering Tracks appeared first on SecurityWeek.