42-year-old Nigerian national Bamidele Omotosho has been sentenced to 12 years and seven months in prison for his role in a series of cyber scams that resulted in millions of dollars in losses for U.S. citizens. […]
Ivanti warns of critical vTM auth bypass with public exploit
​Today, Ivanti urged customers to patch a critical authentication bypass vulnerability impacting Virtual Traffic Manager (vTM) appliances that can let attackers create rogue administrator accounts. […]
3AM ransomware stole data of 464,000 Kootenai Health patients
Kootenai Health has disclosed a data breach impacting over 464,000 patients after their personal information was stolen and leaked by the 3AM ransomware operation. […]
US Unseals Charges Against Three Eastern Europeans Over Ransomware, Malvertising
Maksim Silnikau was extradited to the US to face charges for roles in the distribution of the Angler exploit kit, malware, and the Ransom Cartel ransomware.
The post US Unseals Charges Against Three Eastern Europeans Over Ransomware, Malvertising appeared first on SecurityWeek.
SAP Patches Critical Vulnerabilities in BusinessObjects, Build Apps
SAP has released 25 security notes on August 2024 Security Patch Day, including for critical vulnerabilities in BusinessObjects and Build Apps.
The post SAP Patches Critical Vulnerabilities in BusinessObjects, Build Apps appeared first on SecurityWeek.
How to Prevent Your First AI Data Breach
Don’t let AI CoPilots be the source of your first data breach. Learn more from Varonis about the challengers of securing your data in the era of gen AI. […]
GhostWrite: New T-Head CPU Bugs Expose Devices to Unrestricted Attacks
A team of researchers from the CISPA Helmholtz Center for Information Security in Germany has disclosed an architectural bug impacting Chinese chip company T-Head’s XuanTie C910 and C920 RISC-V CPUs that could allow attackers to gain unrestricted access to susceptible devices.
The vulnerability has been codenamed GhostWrite. It has been described as a direct CPU bug embedded in the hardware, as
The vulnerability has been codenamed GhostWrite. It has been described as a direct CPU bug embedded in the hardware, as
Ransom Cartel, Reveton ransomware owner arrested, charged in US
Belarusian-Ukrainian national Maksim Silnikau was arrested in Spain and extradited to the USA to face charges for creating the Ransom Cartel ransomware operation in 2021 and for running a malvertising operation from 2013 to 2022. […]
Researchers Uncover Vulnerabilities in AI-Powered Azure Health Bot Service
Cybersecurity researchers have discovered two security flaws in Microsoft’s Azure Health Bot Service that, if exploited, could permit a malicious actor to achieve lateral movement within customer environments and access sensitive patient data.
The critical issues, now patched by Microsoft, could have allowed access to cross-tenant resources within the service, Tenable said in a new report shared
The critical issues, now patched by Microsoft, could have allowed access to cross-tenant resources within the service, Tenable said in a new report shared
Reframing the ZTNA vs. SASE Debate
While ZTNA can be deployed independently, it is an integral component of the SASE architecture as well.
The post Reframing the ZTNA vs. SASE Debate appeared first on SecurityWeek.