Tech Republic Security
DECEMBER 12, 2024
Gemini 2.0 Flash is available now, with other model sizes coming in January. It adds multilingual voice output, image output, and some trendy agentic capabilities.
Malwarebytes
DECEMBER 12, 2024
Apple has released security patches for most of its operating systems, including iOS, Mac, iPadOS, Safari, and visionOS. To check if youre using the latest software version, go to Settings (or System Settings ) > General > Software Update. Its also worth turning on Automatic Updates if you havent already, which you can do on the same screen. iPadOS update available Updates are available for: Safari 18.2 macOS Ventura and macOS Sonoma iOS 18.2 and iPadOS 18.2 iPhone XS and later, iPad Pro
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
SecureWorld News
DECEMBER 12, 2024
When most people think of Krispy Kreme, they picture warm, glazed doughnuts and coffee, not cyberattacks. Yet, the recent cybersecurity breach at the beloved doughnut chain highlights critical lessons for organizations of all sizes and industries. The details of the Krispy Kreme hack are still emerging, but the companys Form 8-K filing brought the incident to light, offering a rare glimpse into the challenges businesses face when their systems are compromised.
Security Affairs
DECEMBER 12, 2024
US Bitcoin ATM operator Byte Federal suffered a data breach impacting 58,000 customers, attackers gained unauthorized access to a server via GitLab flaw. US Bitcoin ATM operator Byte Federal disclosed a data breach after threat actors gained unauthorized access to a company server by exploiting a GitLab vulnerability. Byte Federal is a company specializing in cryptocurrency services through its network of over 1,200 Bitcoin ATMs across the United States.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
SecureList
DECEMBER 12, 2024
During the first week of October, Kaspersky took part in the 34th Virus Bulletin International Conference , one of the longest-running cybersecurity events. There, our researchers delivered multiple presentations, and one of our talks focused on newly observed activities by the Careto threat actor, which is also known as “The Mask” You can watch the recording of this presentation here: The Mask APT is a legendary threat actor that has been performing highly sophisticated attacks sinc
Penetration Testing
DECEMBER 12, 2024
Law enforcement worldwide has delivered a significant blow to cybercriminals with Operation PowerOFF, an international effort led by Europol to dismantle Distributed Denial-of-Service (DDoS)-for-hire platforms. In a coordinated strike involving... The post Operation PowerOFF: Europol Cracks Down on Global DDoS-for-Hire Platforms appeared first on Cybersecurity News.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
Security Boulevard
DECEMBER 12, 2024
Artificial stupidity: Large language models are terrible if you need reasoning or actual understanding. The post AI Slop is Hurting Security LLMs are Dumb and People are Dim appeared first on Security Boulevard.
Cisco Security
DECEMBER 12, 2024
Secure Workload platform has taken a significant leap forward with the launch of its 3.10 release earlier this month packed with Gen AI and many more.
Penetration Testing
DECEMBER 12, 2024
A critical vulnerability in PDQ Deploy, a software deployment service used by system administrators, has been highlighted in a recent advisory by the CERT Coordination Center (CERT/CC). The flaw, which... The post PDQ Deploy Vulnerability Exposes Admin Credentials: CERT/CC Issues Advisory appeared first on Cybersecurity News.
Security Affairs
DECEMBER 12, 2024
The Russia-linked APT Gamaredon used two new Android spyware tools calledBoneSpyandPlainGnome against former Soviet states. Lookout researchers linked the BoneSpy and PlainGnome Android surveillance families to the Russian APT group Gamaredon (a.k.a. Armageddon , Primitive Bear, and ACTINIUM). These are the first known mobile malware families linked to the Russian APT.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Penetration Testing
DECEMBER 12, 2024
A detailed report from Group-IB reveals a sophisticated global phishing campaign targeting employees across 30 companies in 15 jurisdictions. By leveraging trusted domains and dynamic personalization, the threat actors have... The post Secure Email Gateways Fail to Stop Advanced Phishing Campaign Targeting Multiple Industries appeared first on Cybersecurity News.
Malwarebytes
DECEMBER 12, 2024
Senators introduced a bill on Tuesday that would prohibit data brokers from selling or transferring location and health data. Data brokers have drawn attention this year by leaking several large databases, with the worst being the National Public Data leak. The data breach made international headlines because it affected hundreds of millions of people, and it included Social Security Numbers.
Penetration Testing
DECEMBER 12, 2024
The Symantec Threat Hunter Team has uncovered a sophisticated cyber campaign targeting high-profile organizations in Southeast Asia. Among the victims are government ministries in two countries, an air traffic control... The post High-Profile Organizations in Southeast Asia Hit by Targeted Cyberattacks appeared first on Cybersecurity News.
Trend Micro
DECEMBER 12, 2024
In this blog entry, we discuss a social engineering attack that tricked the victim into installing a remote access tool, triggering DarkGate malware activities and an attempted C&C connection.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Penetration Testing
DECEMBER 12, 2024
Researchers at the Lookout Threat Lab have uncovered two sophisticated Android spyware families, BoneSpy and PlainGnome, attributed to the Russian-aligned Advanced Persistent Threat (APT) group Gamaredon. Also known as Primitive... The post Gamaredon APT Deploys Two Russian Android Spyware Families: BoneSpy and PlainGnome appeared first on Cybersecurity News.
Hacker's King
DECEMBER 12, 2024
Kali Linux is often associated with hackers, but is it truly a tool only for them? In this article, well explore Kali Linux , its purpose, and whether its exclusively for hackers or useful for anyone interested in cybersecurity. Whether you're an aspiring ethical hacker or a security enthusiast, Kali Linux offers powerful tools for learning and professional use.
Penetration Testing
DECEMBER 12, 2024
A newly discovered vulnerability in Apache Superset, a popular open-source business intelligence platform, could allow attackers to gain unauthorized write access to sensitive data. Tracked as CVE-2024-55633 and assigned a... The post CVE-2024-55633: Apache Superset Vulnerability Exposes Sensitive Data to Unauthorized Modification appeared first on Cybersecurity News.
Security Boulevard
DECEMBER 12, 2024
Containers boost your application's scalability and efficiency. But without proper security, containerized environments can be vulnerable to data breaches, supply chain attacks , and other risks that derail projects. The post 10 Container Security Best Practices: A Guide appeared first on Security Boulevard.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
Penetration Testing
DECEMBER 12, 2024
A significant increase in brute-force attacks targeting outdated and misconfigured Citrix NetScaler devices has been observed in Germany, prompting warnings from cybersecurity experts and organizations, including CERT Germany and the... The post Citrix NetScaler Under Siege: Significant Increase in Brute Force Attacks Observed appeared first on Cybersecurity News.
Security Boulevard
DECEMBER 12, 2024
A survey of IT security pros by cybersecurity firm BlackFog found that 70% of them said federal cases like that against SolarWinds' CISO hurt their opinion about the position, but some said they expected the boards of directors would take the issues of security more seriously. The post Charges Against CISOs Create Worries, Hope in Security Industry: Survey appeared first on Security Boulevard.
Security Affairs
DECEMBER 12, 2024
Russia-linked APT group Secret Blizzardis using Amadey Malware-as-a-Service to infect systems in Ukraine with the Kazuar backdoor. The Russia-linked APT group Secret Blizzard (aka Turla , Snake , Uroburos , Waterbug , Venomous Bear and KRYPTON )was spotted using the Amadey malware to deploy the KazuarV2 backdoor on devices in Ukraine. Microsoft also assesses that in January 2024, Secret Blizzard used the backdoor of Storm-1837, a Russia-based threat actor, to download the Tavdig and KazuarV2 bac
Security Boulevard
DECEMBER 12, 2024
A Critical Guide to PCI Compliance madhav Thu, 12/12/2024 - 13:28 You are shopping online, adding items to your cart, and you're ready to pay with your credit card. You expect that when you hit "Checkout," your payment details will be safe. This sense of trust exists thanks largely to PCI DSSthe Payment Card Industry Data Security Standard. PCI DSS is a security system for your credit card and its data.
Advertisement
Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!
Penetration Testing
DECEMBER 12, 2024
A serious vulnerability in the Hunk Companion plugin for WordPress, tracked as CVE-2024-11972 (CVSS 9.8), has been discovered by the WPScan team. This flaw, present in versions below 1.9.0, allows... The post Active Exploitation Observed for CVE-2024-11972 (CVSS 9.8): WordPress Plugin Flaw Exposes 10,000+ Sites to Backdoor Attacks appeared first on Cybersecurity News.
Security Boulevard
DECEMBER 12, 2024
As the dust settles on another hectic 12 months, business and IT leaders should enjoy a well-earned break. But not for long. The end of one year offers a fantastic vantage point from which to view the macro trends that may go on to shape the next. With this in mind, these are the five things weve learned about cybersecurity in 2024. The post A Year in Data Security: Five Things Weve Learned From 2024 appeared first on Security Boulevard.
Penetration Testing
DECEMBER 12, 2024
In August 2024, JPCERT/CC confirmed a targeted attack against a Japanese organization, believed to be the work of the threat group APT-C-60. This advanced campaign utilized legitimate services like Google... The post APT-C-60 Exploits Legitimate Services in Sophisticated Malware Attack Targeting Japanese Organizations appeared first on Cybersecurity News.
Security Boulevard
DECEMBER 12, 2024
Discover how the 2025 changes to NCSC Mail Check will impact UK public sector organizations and learn strategies for maintaining robust protection against phishing and spoofing. The post NCSC Mail Check Changes & Their Impact on UK Public Sector Email Security appeared first on Security Boulevard.
Advertisement
Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.
Penetration Testing
DECEMBER 12, 2024
Dell has released a critical security update to address multiple vulnerabilities impacting several of its enterprise products, including PowerFlex, InsightIQ, and Data Lakehouse. These vulnerabilities, identified as CVE-2024-37143 and CVE-2024-37144,... The post Dell Warns of Critical Flaws in Enterprise Products, Including CVE-2024-37143 (CVSS 10) appeared first on Cybersecurity News.
Security Boulevard
DECEMBER 12, 2024
Why Should Cloud Data Protection Be Your Top Priority? With the steep rise in digitalization, sensitive data has moved from the physical world into the boundless digital realm. Cloud computing has become a crucial part of this transition, thus making cloud data protection a top priority. But what does it mean to secure this data, [] The post Critical Steps to Keep Your Cloud Data Protected appeared first on Entro.
Penetration Testing
DECEMBER 12, 2024
The U.S. Department of Justice announced the takedown of Rydox, a notorious online marketplace for stolen personal information and cybercrime tools. This operation, involving authorities in the U.S., Kosovo, Albania,... The post International Cybercrime Ring Dismantled: Rydox Marketplace Seized and Administrators Arrested appeared first on Cybersecurity News.
Security Boulevard
DECEMBER 12, 2024
Authors/Presenters: WanJunJie Zhang, Yisheng He Our sincere appreciation to DEF CON , and the Presenters/Authors for publishing their erudite DEF CON 32 content. Originating from the conferences events located at the Las Vegas Convention Center ; and via the organizations YouTube channel. Permalink The post DEF CON 32 – Using ALPC Security Features To Compromise RPC Services appeared first on Security Boulevard.
Advertisement
IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.
Expert insights. Personalized for you.
147 
Let's personalize your content