Data Breaches are a Dime a Dozen: It’s Time for a New Cybersecurity Paradigm
Data breaches have accelerated quickly in 2024. Google ‘data breach’ and you’re in for a whirlwind of high-profile names scattered across headlines of thousands, and…
Month: November 2024
CFPB Rule Changes Presents New Open Banking Challenge – Ensuring Compliance with API Standards
Application programming interfaces (APIs) play a crucial role in modern business, particularly for banks, retailers, and global enterprises, by streamlining financial data transfers. In the…
Unleashing the Power of Purple Teaming: A Collaborative Approach to Cybersecurity
The traditional cybersecurity landscape separated the functions of attack simulation (red teams) and defense (blue teams), with each operating independently. While valuable, this approach can…
U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers
U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers Pierluigi Paganini November 10, 2024 US CFPB warns employees…
Fortinet Expands Generative AI Integration Across Cybersecurity Portfolio to Enhance Security Operations
Fortinet® (NASDAQ: FTNT), a global leader in cybersecurity, has broadened its application of generative AI (GenAI) technology across its suite of products by introducing two…
Week in review: Zero-click flaw in Synology NAS devices, Google fixes exploited Android vulnerability
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Millions of Synology NAS devices vulnerable to zero-click attacks (CVE-2024-10443)Synology…
AsyncRAT’s Infection Tactics via Open Directories: Technical Analysis
ANY.RUN, a leader in interactive malware analysis and threat intelligence, has released a technical analysis authored by RacWatchin8872 documenting new techniques used in multi-stage attacks…
CISA Warns of Palo Alto & Android Flaws Exploited
The Cybersecurity and Infrastructure Security Agency (CISA) has issued urgent warnings regarding two critical vulnerabilities currently being exploited in the wild. These security flaws affect…
Mazda Connect flaws allow to hack some Mazda vehicles
Mazda Connect flaws allow to hack some Mazda vehicles Pierluigi Paganini November 09, 2024 Multiple vulnerabilities in the infotainment unit Mazda Connect could allow attackers…
Malicious PyPI package with 37,000 downloads steals AWS keys
A malicious Python package named ‘fabrice’ has been present in the Python Package Index (PyPI) since 2021, stealing Amazon Web Services credentials from unsuspecting developers.…
North Korean Hackers Abuse Cloud-Based Services to Deploy Malware
ESET’s recent report details the activities of various advanced persistent threat (APT) groups from April to September 2024, highlighting key trends and developments observed during…
Microsoft says recent Windows 11 updates break SSH connections
Microsoft has confirmed that last month’s Windows security updates are breaking SSH connections on some Windows 11 22H2 and 23H2 systems. This newly acknowledged issue…