ποΈ Google to Block Entrust Certificates in Chrome Starting November 2024 ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Google has announced that it's going to start blocking websites that use certificates from Entrust starting around November 1, 2024, in its Chrome browser, citing compliance failures and the certificate authority's inability to address security issues in a timely manner. "Over the past several years, publicly disclosed incident reports highlighted a pattern of concerning behaviors by Entrust.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
β€1π1
ποΈ Juniper Networks Releases Critical Security Update for Routers ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Juniper Networks has released outofband security updates to address a critical security flaw that could lead to an authentication bypass in some of its routers. The vulnerability, tracked as CVE20242973, carries a CVSS score of 10.0, indicating maximum severity. An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router or Conductor.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π’ Cyber attacks on healthcare organizations are surging β here's why π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Healthcare organizations have been targeted with spiraling costs linked to a record number of cyber attacks in recent years.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Cyber attacks on healthcare organizations are surging β here's why
Healthcare organizations have been targeted with spiraling costs linked to a record number of cyber attacks in recent years
π’ Everything you need to know about the TeamViewer breach π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
TeamViewers corporate IT environment is believed to have been accessed by Russian statesponsored hacker collective, Midnight Blizzard.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Everything you need to know about the TeamViewer breach
TeamViewerβs corporate IT environment is believed to have been accessed by Russian state-sponsored hacker collective, Midnight Blizzard
π€1
π’ Securing tomorrow π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Maximising the value of technology in an evolving defence sector.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Quantitative analysis of a prefabricated vs. traditional data center
Apples to apples cost analysis between data centre types
π’ A CISO's guide to safely unleashing the power of genAI π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Safeguard against the threats of AI.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
A CISO's guide to safely unleashing the power of genAI
Safeguard against the threats of AI
π΅οΈββοΈ Apple CocoaPods Bugs Expose Millions of Apps to Code Injection π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Critical dependency manager supply chain vulnerabilities have exposed millions and millions of devices to arbitrary malware for the better part of decade.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Apple CocoaPods Bugs Expose Millions of Apps to Code Injection
Critical dependency manager supply chain vulnerabilities have exposed millions and millions of devices to arbitrary malware for the better part of decade.
π΅οΈββοΈ Apple's AI Moves Will Impact Future Chip, Cloud Security Plans π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Analysts say Apple's blackbox approach provides a blueprint for rival chip makers and cloud providers.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Apple's AI Moves Will Impact Future Chip, Cloud Security Plans
Analysts say Apple's black-box approach provides a blueprint for rival chip makers and cloud providers.
π΅οΈββοΈ Name That Edge Toon: Cyber Cloudburst π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Feeling creative? Submit your caption and our panel of experts will reward the winner with a 25 Amazon gift card.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Name That Edge Toon: Cyber Cloudburst
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
π΅οΈββοΈ Thinking About Security, Fast & Slow π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
To be effective, managing risk demands both fast responses and strategic thinking.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Thinking About Security, Fast & Slow
To be effective, managing risk demands both fast responses and strategic thinking.
π¦Ώ AVG Secure VPN vs Surfshark (2024): Which VPN Is Better? π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Is Surfshark better than AVG? Is AVG Secure VPN worth it? Find out which VPN is better with our guide.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
AVG Secure VPN vs Surfshark (2024): Which VPN Is Better?
Is Surfshark better than AVG? Is AVG Secure VPN worth it? Find out which VPN is better with our guide.
π¦Ώ Get a Lifetime of 1TB Cloud Storage for Only $80 With FolderFort π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Fast, affordable cloud storage isnt always easy to find for businesses, but now you can have a massive amount with maximum security.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Get a Lifetime of 1TB Cloud Storage for Only $50 with FolderFort
Fast, affordable cloud storage isnβt always easy to find for businesses, but now you can have a massive amount with maximum security.
π¦Ώ TechRepublic Premium Editorial Calendar: Policies, Checklists, Hiring Kits and Glossaries for Download π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic Premium content helps you solve your toughest IT issues and jumpstart your career or next project.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
TechRepublic Premium Editorial Calendar: Policies, Hiring Kits, and Glossaries for Download
TechRepublic Premium content helps you solve your toughest IT issues and jump-start your career or next project.
π OpenSSH 9.8p1 π
π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
This is a Linuxportable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patentencumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other cleanups.π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
π§ ChatGPT 4 can exploit 87% of one-day vulnerabilities π§
π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
Since the widespread and growing use of ChatGPT and other large language models LLMs in recent years, cybersecurity has been a top concern. Among the many questions, cybersecurity professionals wondered how effective these tools were in launching an attack. Cybersecurity researchers Richard Fang, Rohan Bindu, Akul Gupta and Daniel Kang recently performed a study to The post ChatGPT 4 can exploit 87 of oneday vulnerabilities appeared first on Security Intelligence.π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
Security Intelligence
ChatGPT 4 can exploit 87% of one-day vulnerabilities
A team of researchers has found that ChatGPT 4 is highly effective at exploiting one-day vulnerabilities from the CVE database.
ποΈ CapraRAT Spyware Disguised as Popular Apps Threatens Android Users ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The threat actor known as Transparent Tribe has continued to unleash malwarelaced Android apps as part of a social engineering campaign to target individuals of interest. "These APKs continue the group's trend of embedding spyware into curated video browsing applications, with a new expansion targeting mobile gamers, weapons enthusiasts, and TikTok fans," SentinelOne security researcher Alex.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Indian Software Firm's Products Hacked to Spread Data-Stealing Malware ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Installers for three different software products developed by an Indian company named Conceptworld have been trojanized to distribute informationstealing malware. The installers correspond to Notezilla, RecentX, and Copywhiz, according to cybersecurity firm Rapid7, which discovered the supply chain compromise on June 18, 2024. The issue has since been remediated by Conceptworld as of June 24.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ End-to-End Secrets Security: Making a Plan to Secure Your Machine Identities ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
At the heart of every application are secrets. Credentials that allow humantomachine and machinetomachine communication. Machine identities outnumber human identities by a factor of 45to1 and represent the majority of secrets we need to worry about. According to CyberArk's recent research, 93 of organizations had two or more identityrelated breaches in the past year. It is clear that we.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ New OpenSSH Vulnerability Could Lead to RCE as Root on Linux Systems ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
OpenSSH maintainers have released security updates to contain a critical security flaw that could result in unauthenticated remote code execution with root privileges in glibcbased Linux systems. The vulnerability, codenamed regreSSHion, has been assigned the CVE identifier CVE20246387. It resides in the OpenSSH server component, also known as sshd, which is designed to listen for connections.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Metaβs βPay or Consentβ Data Model Breaches EU Law π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The EU Commission said Metas pay or consent model means users cannot freely consent to their personal data being collected for advertising purposes.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Metaβs βPay or Consentβ Data Model Breaches EU Law
The EU Commission said Metaβs pay or consent model means users cannot freely consent to their personal data being collected for advertising purposes
π Critical OpenSSH Flaw Enables Full System Compromise π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A newly discovered RCE vulnerability, which can lead to full system compromise, has put over 14 million OpenSSH server instances are potentially at risk, according to Qualys.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Critical OpenSSH Flaw Enables Full System Compromise
A newly discovered RCE vulnerability, which can lead to full system compromise, has put over 14 million OpenSSH server instances are potentially at risk, according to Qualys