Blog – Page 859 – Cyber Mike

Not Your Old ActiveState: Introducing our End-to-End OS Platform

Having been at ActiveState for nearly eight years, I’ve seen many iterations of our product. However, one thing has stayed true over the years: Our commitment to the open source community and companies using open source in their code.
ActiveState has been helping enterprises manage open source for over a decade. In the early days, open source was in its infancy. We focused mainly on the

BeyondTrust Patches Critical Vulnerability Discovered During Security Incident Probe

A critical vulnerability in BeyondTrust Privileged Remote Access and Remote Support could lead to arbitrary command execution.

The post BeyondTrust Patches Critical Vulnerability Discovered During Security Incident Probe appeared first on SecurityWeek.

APT29 Hackers Target High-Value Victims Using Rogue RDP Servers and PyRDP

The Russia-linked APT29 threat actor has been observed repurposing a legitimate red teaming attack methodology as part of cyber attacks leveraging malicious Remote Desktop Protocol (RDP) configuration files.
The activity, which has targeted governments and armed forces, think tanks, academic researchers, and Ukrainian entities, entails adopting a “rogue RDP” technique that was previously

AI Regulation Gets Serious in 2025 – Is Your Organization Ready?

While the challenges are significant, organizations have an opportunity to build scalable AI governance frameworks that ensure compliance while enabling responsible AI innovation.

The post AI Regulation Gets Serious in 2025 – Is Your Organization Ready? appeared first on SecurityWeek.

Exploitation of Recent Critical Apache Struts 2 Flaw Begins

Researchers warn of malicious attacks exploiting a recently patched critical vulnerability in Apache Struts 2 leading to remote code execution (RCE).

The post Exploitation of Recent Critical Apache Struts 2 Flaw Begins appeared first on SecurityWeek.

ONLY Cynet Delivers 100% Protection and 100% Detection Visibility in the 2024 MITRE ATT&CK Evaluation

Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders is to keep IT environments up and running. To guard against cyber threats and prevent data breaches, it’s vital to understand the current cybersecurity vendor landscape and continually assess the effectiveness of available solutions. Luckily, the 2024 MITRE ATT&CK

Hacker Leaks Cisco Data

IntelBroker has leaked 2.9 Gb of data stolen recently from a Cisco DevHub instance, but claims it’s only a fraction of the total.

The post Hacker Leaks Cisco Data appeared first on SecurityWeek.

INTERPOL Pushes for “Romance Baiting” to Replace “Pig Butchering” in Scam Discourse

INTERPOL is calling for a linguistic shift that aims to put to an end to the term “pig butchering,” instead advocating for the use of “romance baiting” to refer to online scams where victims are duped into investing in bogus cryptocurrency schemes under the pretext of a romantic relationship.
“The term ‘pig butchering’ dehumanizes and shames victims of such frauds, deterring people from coming

Meta Fined €251 Million for 2018 Data Breach Impacting 29 Million Accounts

Meta Platforms, the parent company of Facebook, Instagram, WhatsApp, and Threads, has been fined €251 million (around $263 million) for a 2018 data breach that impacted millions of users in the bloc, in what’s the latest financial hit the company has taken for flouting stringent privacy laws.
The Irish Data Protection Commission (DPC) said the data breach impacted approximately 29 million

Patch Alert: Critical Apache Struts Flaw Found, Exploitation Attempts Detected

Threat actors are attempting to exploit a recently disclosed security flaw impacting Apache Struts that could pave the way for remote code execution.
The issue, tracked as CVE-2024-53677, carries a CVSS score of 9.5 out of 10.0, indicating critical severity. The vulnerability shares similarities with another critical bug the project maintainers addressed in December 2023 (CVE-2023-50164, CVSS

Cyber News