OpenSSL has patched CVE-2024-12797, a high-severity vulnerability found by Apple that can allow man-in-the-middle attacks.
The post High-Severity OpenSSL Vulnerability Found by Apple Allows MitM Attacks appeared first on SecurityWeek.
SAP Releases 21 Security Patches
SAP has released 19 new and two updated security notes on its February 2025 patch day, including six notes for high-severity vulnerabilities.
The post SAP Releases 21 Security Patches appeared first on SecurityWeek.
Russian military hackers deploy malicious Windows activators in Ukraine
The Sandworm Russian military cyber-espionage group is targeting Windows users in Ukraine with trojanized Microsoft Key Management Service (KMS) activators and fake Windows updates. […]
SonicWall firewall exploit lets hackers hijack VPN sessions, patch now
Security researchers at Bishop Fox have published complete exploitation details for the CVE-2024-53704 vulnerability that allows bypassing the authentication mechanism in certain versions of the SonicOS SSLVPN application. […]
US indicts 8Base ransomware operators for Phobos encryption attacks
The U.S. Justice Department announced the names of two Phobos ransomware affiliates arrested yesterday in Thailand, charging them on 11 counts due to their involvement in more than a thousand cyberattacks. […]
Google Confirms Android SafetyCore Enables AI-Powered On-Device Content Classification
Google has stepped in to clarify that a newly introduced Android System SafetyCore app does not perform any client-side scanning of content.
“Android provides many on-device protections that safeguard users against threats like malware, messaging spam and abuse protections, and phone scam protections, while preserving user privacy and keeping users in control of their data,” a spokesperson for
“Android provides many on-device protections that safeguard users against threats like malware, messaging spam and abuse protections, and phone scam protections, while preserving user privacy and keeping users in control of their data,” a spokesperson for
US sanctions LockBit ransomware’s bulletproof hosting provider
The United States, Australia, and the United Kingdom have sanctioned Zservers, a Russia-based bulletproof hosting (BPH) services provider, for supplying essential attack infrastructure for the LockBit ransomware gang. […]
Authorities Disrupt 8Base Ransomware, Arrest Four Russian Operators
Law enforcement agencies take down the 8Base ransomware group’s infrastructure, arrest four Russian operators.
The post Authorities Disrupt 8Base Ransomware, Arrest Four Russian Operators appeared first on SecurityWeek.
4 Ways to Keep MFA From Becoming too Much of a Good Thing
Multi-factor authentication (MFA) has quickly become the standard for securing business accounts. Once a niche security measure, adoption is on the rise across industries. But while it’s undeniably effective at keeping bad actors out, the implementation of MFA solutions can be a tangled mess of competing designs and ideas. For businesses and employees, the reality is that MFA sometimes feels
Intel Patched 374 Vulnerabilities in 2024
Intel says roughly 100 of the 374 vulnerabilities it patched last year were firmware and hardware security defects.
The post Intel Patched 374 Vulnerabilities in 2024 appeared first on SecurityWeek.