Top-ranked mobile apps found using hardcoded keys and exposed cloud buckets.
The post Many Mobile Apps Fail Basic Security—Posing Serious Risks to Enterprises appeared first on SecurityWeek.
Pillar Security Banks $9M for AI Security Guardrails
Shield Capital leads a $9 million seed-stage funding round for Israeli startup building technologies for AI security and privacy guardrails.
The post Pillar Security Banks $9M for AI Security Guardrails appeared first on SecurityWeek.
CISA extends funding to ensure ‘no lapse in critical CVE services’
CISA says the U.S. government has extended funding to ensure no continuity issues with the critical Common Vulnerabilities and Exposures (CVE) program. […]
Google Blocked 5.1B Harmful Ads and Suspended 39.2M Advertiser Accounts in 2024
Google on Wednesday revealed that it suspended over 39.2 million advertiser accounts in 2024, with a majority of them identified and blocked by its systems before it could serve harmful ads to users.
In all, the tech giant said it stopped 5.1 billion bad ads, restricted 9.1 billion ads, and blocked or restricted ads on 1.3 billion pages last year. It also suspended over 5 million accounts for
In all, the tech giant said it stopped 5.1 billion bad ads, restricted 9.1 billion ads, and blocked or restricted ads on 1.3 billion pages last year. It also suspended over 5 million accounts for
Ransomware Group Claims Hacking of Oregon Regulator After Data Breach Denial
The Rhysida ransomware gang claims to have stolen 2.5 Tb of files from the Oregon Department of Environmental Quality.
The post Ransomware Group Claims Hacking of Oregon Regulator After Data Breach Denial appeared first on SecurityWeek.
CISA Statement on CVE Program
Enhanced Version of ‘BPFDoor’ Linux Backdoor Seen in the Wild
In recent attacks, the state-sponsored backdoor BPFDoor is using a controller to open a reverse shell and move laterally.
The post Enhanced Version of ‘BPFDoor’ Linux Backdoor Seen in the Wild appeared first on SecurityWeek.
Gamma AI Platform Abused in Phishing Chain to Spoof Microsoft SharePoint Logins
Threat actors are leveraging an artificial intelligence (AI) powered presentation platform named Gamma in phishing attacks to direct unsuspecting users to spoofed Microsoft login pages.
“Attackers weaponize Gamma, a relatively new AI-based presentation tool, to deliver a link to a fraudulent Microsoft SharePoint login portal,” Abnormal Security researchers Hinman Baron and Piotr Wojtyla said in
“Attackers weaponize Gamma, a relatively new AI-based presentation tool, to deliver a link to a fraudulent Microsoft SharePoint login portal,” Abnormal Security researchers Hinman Baron and Piotr Wojtyla said in
From Third-Party Vendors to U.S. Tariffs: The New Cyber Risks Facing Supply Chains
Introduction
Cyber threats targeting supply chains have become a growing concern for businesses across industries. As companies continue to expand their reliance on third-party vendors, cloud-based services, and global logistics networks, cybercriminals are exploiting vulnerabilities within these interconnected systems to launch attacks. By first infiltrating a third-party vendor with undetected
Cyber threats targeting supply chains have become a growing concern for businesses across industries. As companies continue to expand their reliance on third-party vendors, cloud-based services, and global logistics networks, cybercriminals are exploiting vulnerabilities within these interconnected systems to launch attacks. By first infiltrating a third-party vendor with undetected
Microsoft warns of blue screen crashes caused by April updates
Microsoft warned customers this week that their systems might crash with a blue screen error caused by a secure kernel fatal error after installing Windows updates released since March. […]