π΅οΈββοΈ Google Opens $250K Bug Bounty Contest for VM Hypervisor π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
If security researchers can execute a guesttohost attack using a zeroday vulnerability in the KVM open source hypervisor, Google will make it worth their while.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Google Opens $250K Bug Bounty Contest for VM Hypervisor
If security researchers can execute a guest-to-host attack using a zero-day vuln in the KVM open source hypervisor, Google will make it worth their while.
π¦Ώ Surfshark vs IPVanish (2024): Which VPN Should You Choose? π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Which is better, Surfshark or IPVanish? Use our guide to help you compare pricing, features and more.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Surfshark vs IPVanish (2024): Which VPN Should You Choose?
Which is better, Surfshark or IPVanish? Use our guide to help you compare pricing, features and more.
π¦Ώ CISA Report Finds Most Open-Source Projects Contain Memory-Unsafe Code π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Analysts found that 52 of opensource projects are written in memoryunsafe languages like C and C.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
CISA Report Finds Most Open-Source Projects Contain Memory-Unsafe Code
Security analysts found that 52% of open-source projects are written in memory-unsafe languages like C and C++.
π¦Ώ Top Tech Conferences & Events to Add to Your Calendar in 2024 π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
A great way to stay current with the latest technology trends and innovations is by attending conferences. Read and bookmark our 2024 tech events guide.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Top Tech Conferences & Events to Add to Your Calendar in 2025
Discover the top tech conferences and events to add to your calendar in 2025, and stay updated on the latest trends and innovations.
π§ It all adds up: Pretexting in executive compromise π§
π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
Executives hold the keys to the corporate kingdom. If attackers can gain the trust of executives using layered social engineering techniques, they may be able to access sensitive corporate information such as intellectual property, financial data or administrative control logins and passwords. While phishing remains the primary pathway to executive compromise, increasing Csuite awareness of The post It all adds up Pretexting in executive compromise appeared first on Security Intelligence.π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
Security Intelligence
It all adds up: Pretexting in executive compromise
The use of pretexting to gain C-suite trust is now present in a quarter of all business email compromise attacks. Here are three tips to stay secure.
ποΈ How MFA Failures are Fueling a 500% Surge in Ransomware Losses ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The cybersecurity threat landscape has witnessed a dramatic and alarming rise in the average ransomware payment, an increase exceeding 500. Sophos, a global leader in cybersecurity, revealed in its annual "State of Ransomware 2024" report that the average ransom payment has increased 500 in the last year with organizations that paid a ransom reporting an average payment of 2 million, up from.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ New Intel CPU Vulnerability 'Indirector' Exposes Sensitive Data ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Modern CPUs from Intel, including Raptor Lake and Alder Lake, have been found vulnerable to a new sidechannel attack that could be exploited to leak sensitive information from the processors. The attack, codenamed Indirector by security researchers Luyi Li, Hosein Yavarzadeh, and Dean Tullsen, leverages shortcomings identified in Indirect Branch Predictor IBP and the Branch Target Buffer BTB.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Meta's 'Pay or Consent' Approach Faces E.U. Competition Rules Scrutiny ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Meta's decision to offer an adfree subscription in the European Union E.U. has faced a new setback after regulators accused the social media behemoth of breaching the bloc's competition rules by forcing users to choose between seeing ads or paying to avoid them. The European Commission said the company's "pay or consent" advertising model is in contravention of the Digital Markets Act DMA.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Chinese Hackers Exploiting Cisco Switches Zero-Day to Deliver Malware ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A Chinanexus cyber espionage group named Velvet Ant has been observed exploiting a zeroday flaw in Cisco NXOS Software used in its switches to deliver malware. The vulnerability, tracked as CVE202420399 CVSS score 6.0, concerns a case of command injection that allows an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Australian Man Charged for Fake Wi-Fi Scam on Domestic Flights ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
An Australian man has been charged with running a fake WiFi access point during a domestic flight with an aim to steal user credentials and data. The unnamed 42yearold "allegedly established fake free WiFi access points, which mimicked legitimate networks, to capture personal data from unsuspecting victims who mistakenly connected to them," the Australian Federal Police AFP said in a press.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Hijacked: How hacked YouTube channels spread scams and malware π
π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
Heres how cybercriminals go after YouTube channels and use them as conduits for fraud and what you should watch out for when watching videos on the platform.π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
Welivesecurity
Hijacked: How hacked YouTube channels spread scams and malware
Hereβs how cybercriminals go after YouTube channels and use them as conduits for fraud β and what you should watch out for when watching videos on the platform.
π Mobile Political Spam Surges Threefold For 2024 Election π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Proofpoint highlighted how smishing, impersonation and spam are eroding trust in mobile messaging.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Mobile Political Spam Surges Threefold For 2024 Election
Proofpoint highlighted how smishing, impersonation and spam are eroding trust in mobile messaging
π Chrome Update Will Block Entrust Certificates by November 2024 π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The move follows a series of reported compliance failures and lack of progress in addressing publicly disclosed incidents.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Chrome Update Will Block Entrust Certificates by November 2024
The move follows a series of reported compliance failures and lack of progress in addressing publicly disclosed incidents
π Ransomware Attack Demands Reach a Staggering $5.2m in 2024 π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Comparitech calculated that the average ransom demand was over 5.2m in the first six months of 2024, with 421 confirmed incidents during this period.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Ransomware Attack Demands Reach a Staggering $5.2m in 2024
Comparitech calculated that the average ransom demand was over $5.2m in the first six months of 2024, with 421 confirmed incidents during this period
π Health Tech Execs Get Jail Time For $1bn Fraud Scheme π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The former CEO and COO of a health startup will spend years in jail after conducting a largescale fraud scheme.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Health Tech Execs Get Jail Time For $1bn Fraud Scheme
The former CEO and COO of a health startup will spend years in jail after conducting a large-scale fraud scheme
π Cisco Patches Zero-Day Bug Used by Chinese Velvet Ant Group π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Cisco has patched a zeroday vulnerability exploited by a Chinese APT group to compromise Nexus switches.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Cisco Patches Zero-Day Bug Used by Chinese Velvet Ant Group
Cisco has patched a zero-day vulnerability exploited by a Chinese APT group to compromise Nexus switches
π Email Phishing Playbook β Free PDF π
π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
Phishing emails are a constant threat, targeting employees and exploiting vulnerabilities to steal sensitive data... The post Email Phishing Playbook Free PDF appeared first on UnderDefense.π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
UnderDefense
Email Phishing Playbook - Free PDF
Phishing emails are a constant threat, targeting employees and exploiting vulnerabilities to steal sensitive data...
π΅οΈββοΈ Cyber Workforce Numbers Rise for Larger Organizations π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Some organizations are also reaching recordhigh levels of cyber maturity, at 80 to 90.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Cyber Workforce Numbers Rise for Larger Organizations
Some organizations are also reaching record-high levels of cyber maturity, at 80% to 90%.
π΅οΈββοΈ PTC License Server Bug Needs Immediate Patch Against Critical Flaw π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Creo ElementsDirect License Servers, which enable industrial design and modeling software, are exposed to the Internet, leaving critical infrastructure vulnerable to remote code execution.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
PTC License Server Bug Needs Immediate Patch Against Critical Flaw
Creo Elements/Direct License Servers, which enable industrial design and modeling software, are exposed to the Internet, leaving critical infrastructure vulnerable to remote code execution.
π΅οΈββοΈ Fintech Frenzy: Affirm & Others Emerge as Victims in Evolve Breach π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
A ransomware attack has become a supply chain issue, thanks to the victim's partnerships with other financial services companies.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Fintech Frenzy: Affirm & Others Emerge as Victims in Evolve Breach
A ransomware attack has become a supply chain issue, thanks to the victim's partnerships with other financial services companies.
π΅οΈββοΈ Passkey Redaction Attacks Subvert GitHub, Microsoft Authentication π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Adversaryinthemiddle attacks can strip out the passkey option from login pages that users see, leaving targets with only authentication choices that force them to give up credentials.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Passkey Redaction Attacks Subvert GitHub, Microsoft Authentication
Adversary-in-the-middle attacks can strip out the passkey option from login pages that users see, leaving targets with only authentication choices that force them to give up credentials.