NDIA backs infosec after internal report kept private – Cloud – Security
The National Disability Insurance Agency (NDIA) is publicly backing the security of its new PACE CRM platform, after a report raised “concerns” about the system…
Latest Cybersecurity News — Page 4931
View all →
Google to bolster phishing and malware delivery defenses in 2024
Google will introduce new sender guidelines in February to bolster email security against phishing and malware delivery by mandating bulk senders to authenticate their emails…
ZDI Discusses First Automotive Pwn2Own
The Zero Day Initiative (ZDI) will host a new Automotive Pwn2Own at the Automotive World Conference in Tokyo, January 24 to 26, 2024. Something new…
San Francisco’s transport agency Metropolitan Transportation Commission (MTC) exposes drivers’ plate numbers and addresses
San Francisco’s transport agency Metropolitan Transportation Commission (MTC) exposes drivers’ plate numbers and addresses Pierluigi Paganini October 03, 2023 A misconfiguration in the Metropolitan Transportation…
Microsoft now lets you play a game during Windows 11 installs
Microsoft has introduced a new twist to the Windows 11 installation and update process, transforming it from a mundane task into an enjoyable experience. Users…
Synqly Joins Race to Fix Security, Infrastructure Product Integrations
Synqly, a Silicon Valley startup with ambitious plans to fix the way security and infrastructure products are integrated, announced its debut Tuesday with an early…
Android October security update fixes zero-days exploited in attacks
Google has released the October 2023 security updates for Android, addressing 54 unique vulnerabilities, including two known to be actively exploited. The two exploited flaws…
ShellTorch Attack Exposes Millions of PyTorch Systems to RCE Vulnerabilities
Amongst various cybersecurity threats, the ShellTorch attack exposes the PyTorch Model Server to remote code execution. The cybersecurity researchers at the Oligo Security research team…
PyTorch Models Vulnerable to Remote Code Execution via ShellTorch
Oct 03, 2023THNArtificial Intelligence / Cyber Threat Cybersecurity researchers have disclosed multiple critical security flaws in the TorchServe tool for serving and scaling PyTorch models…
EvilProxy uses indeed.com open redirect for Microsoft 365 phishing
A recently uncovered phishing campaign is targeting Microsoft 365 accounts of key executives in U.S.-based organizations by abusing open redirects from the Indeed employment website for…
Qualcomm Releases Patch for 3 new Zero-Days Under Active Exploitation
Oct 03, 2023THNZero Day / Vulnerability Chipmaker Qualcomm has released security updates to address 17 vulnerabilities in various components, while warning that three other zero-days…
ShellTorch flaws expose AI servers to code execution attacks
A set of critical vulnerabilities dubbed ‘ShellTorch’ in the open-source TorchServe AI model-serving tool impact tens of thousands of internet-exposed servers, some of which belong…