Insurance administrative services company Landmark Admin warns that a data breach impacts over 800,000 people from a May cyberattack. […]
Apple Opens Private Cloud Compute for Public Security Inspection
Cupertino said the research lab and tooling offers “verifiable transparency” of its promises to secure AI-powered data on its platforms.
The post Apple Opens Private Cloud Compute for Public Security Inspection appeared first on SecurityWeek.
Ireland fines LinkedIn €310 million over targeted advertising
LinkedIn received a €310 million fine from the Irish Data Protection Commission for violating European Union’s law related to the processing of personal data for behavioral analysis and targeted advertising. […]
Cisco fixes VPN DoS flaw discovered in password spray attacks
Cisco fixed a denial of service flaw in its Cisco ASA and Firepower Threat Defense (FTD) software, which was discovered during large-scale brute force attacks against Cisco VPN devices in April. […]
Nvidia Patches High-Severity Flaws in Windows, Linux Graphics Drivers
Nvidia rolls out urgent security updates to fix at least 8 high-severity vulnerabilities in GPU drivers for Windows and Linux.
The post Nvidia Patches High-Severity Flaws in Windows, Linux Graphics Drivers appeared first on SecurityWeek.
New Qilin.B Ransomware Variant Emerges with Improved Encryption and Evasion Tactics
Cybersecurity researchers have discovered an advanced version of the Qilin ransomware sporting increased sophistication and tactics to evade detection.
The new variant is being tracked by cybersecurity firm Halcyon under the moniker Qilin.B.
“Notably, Qilin.B now supports AES-256-CTR encryption for systems with AESNI capabilities, while still retaining Chacha20 for systems that lack this support
The new variant is being tracked by cybersecurity firm Halcyon under the moniker Qilin.B.
“Notably, Qilin.B now supports AES-256-CTR encryption for systems with AESNI capabilities, while still retaining Chacha20 for systems that lack this support
New Qilin ransomware encryptor features stronger encryption, evasion
A new Rust-based variant of the Qilin (Agenda) ransomware strain, dubbed ‘Qilin.B,’ has been spotted in the wild, featuring stronger encryption, better evasion from security tools, and the ability to disrupt data recovery mechanisms. […]
Samsung Galaxy S24 and Sonos Era hacked on Pwn2Own Ireland Day 2
On the second day of Pwn2Own Ireland 2024, competing white hat hackers showcased an impressive 51 zero-day vulnerabilities, earning a total of $358,625 in cash prizes. […]
North Korean Hackers Exploited Chrome Zero-Day for Cryptocurrency Theft
The Lazarus APT created a deceptive website that exploited a Chrome zero-day to install malware and steal cryptocurrency.
The post North Korean Hackers Exploited Chrome Zero-Day for Cryptocurrency Theft appeared first on SecurityWeek.
AWS Cloud Development Kit Vulnerability Exposes Users to Potential Account Takeover Risks
Cybersecurity researchers have disclosed a security flaw impacting Amazon Web Services (AWS) Cloud Development Kit (CDK) that could have resulted in an account takeover under specific circumstances.
“The impact of this issue could, in certain scenarios, allow an attacker to gain administrative access to a target AWS account, resulting in a full account takeover,” Aqua said in a report shared
“The impact of this issue could, in certain scenarios, allow an attacker to gain administrative access to a target AWS account, resulting in a full account takeover,” Aqua said in a report shared