People in the United Kingdom are no longer able to access content hosted on the Imgur, a popular media sharing site, after a UK data watchdog warned it may impose a monetary penalty on the parent company, MediaLab. […]
Sendit sued by the FTC for illegal collection of children data
The Federal Trade Commission (FTC) is suing Sendit’s operating company and its CEO for unlawful collection of data from underage users, as well as deceptive subscription practices. […]
New MatrixPDF toolkit turns PDFs into phishing and malware lures
A new phishing and malware distribution toolkit called MatrixPDF allows attackers to convert ordinary PDF files into interactive lures that bypass email security and redirect victims to credential theft or malware downloads. […]
$50 Battering RAM Attack Breaks Intel and AMD Cloud Security Protections
A group of academics from KU Leuven and the University of Birmingham has demonstrated a new vulnerability called Battering RAM to bypass the latest defenses on Intel and AMD cloud processors.
“We built a simple, $50 interposer that sits quietly in the memory path, behaving transparently during startup and passing all trust checks,” researchers Jesse De Meulemeester, David Oswald, Ingrid
“We built a simple, $50 interposer that sits quietly in the memory path, behaving transparently during startup and passing all trust checks,” researchers Jesse De Meulemeester, David Oswald, Ingrid
WestJet confirms recent breach exposed customers’ passports
Canadian airline WestJet is informing customers that the cyberattack disclosed in June compromised their sensitive information, including passports and ID documents. […]
Windows 11 2025 Update (25H2) is now available, Here’s what’s new
Today, Microsoft announced the release of Windows 11 25H2, also known as Windows 11 2025 Update. […]
Nearly 50,000 Cisco firewalls vulnerable to actively exploited flaws
Roughly 48,800 Cisco Adaptive Security Appliance (ASA) and Firewall Threat Defense (FTD) appliances exposed on the public web are vulnerable to two vulnerabilities actively leveraged by hackers. […]
Phantom Taurus: New China-Linked Hacker Group Hits Governments With Stealth Malware
Government and telecommunications organizations across Africa, the Middle East, and Asia have emerged as the target of a previously undocumented China-aligned nation-state actor dubbed Phantom Taurus over the past two-and-a-half years.
“Phantom Taurus’ main focus areas include ministries of foreign affairs, embassies, geopolitical events, and military operations,” Palo Alto Networks Unit 42
“Phantom Taurus’ main focus areas include ministries of foreign affairs, embassies, geopolitical events, and military operations,” Palo Alto Networks Unit 42
Call for Presentations Open for 2025 CISO Forum Virtual Summit
This online event is expected to attract more than 2,500 attendee registrations from around the world.
The post Call for Presentations Open for 2025 CISO Forum Virtual Summit appeared first on SecurityWeek.
Critical WD My Cloud bug allows remote command injection
Western Digital has released firmware updates for multiple My Cloud NAS models to patch a critical-severity vulnerability that could be exploited remotely to execute arbitrary system commands. […]