Google has revealed that a security flaw that was patched as part of a security update rolled out last week to its Chrome browser has come under active exploitation in the wild. Tracked as CVE-2024-7965, the vulnerability has been described as an inappropriate implementation bug in the V8 JavaScript and WebAssembly engine. “Inappropriate implementation in […]
Category Archives: Uncategorized
A threat actor resembling APT41 performed “AppDomainManager Injection,” which is like DLL sideloading, but arguably easier and stealthier. Go to Source Author: Nate Nelson, Contributing Writer
The tech giant seeks to work with endpoint security partners, including CrowdStrike, on how to prevent an outage event of such gravity from happening again. Go to Source Author: Dark Reading Staff
Such cyberattack enablement services let attackers breach security measures, establish new fake accounts, and brute-force servers. Go to Source Author: Nathan Eddy, Contributing Writer
As the entire Port of Seattle struggles to become fully operational once more, the airport recommends that those who are traveling take extra precautions. Go to Source Author: Dark Reading Staff
SonicWall has released security updates to address a critical flaw impacting its firewalls that, if successfully exploited, could grant malicious actors unauthorized access to the devices. The vulnerability, tracked as CVE-2024-40766 (CVSS score: 9.3), has been described as an improper access control bug. “An improper access control vulnerability has been identified in the SonicWall SonicOS […]
The Dutch Data Protection Authority (DPA) has fined Uber a record €290 million ($324 million) for allegedly failing to comply with European Union (E.U.) data protection standards when sending sensitive driver data to the U.S. “The Dutch DPA found that Uber transferred personal data of European taxi drivers to the United States (U.S.) and failed […]
Employees and management must fully support change detection and file integrity monitoring, allowing a proactive approach with definitive security controls to be implemented against threat actors. Go to Source Author: Patrick B Barnett
Cybersecurity researchers are warning about the security risks in the machine learning (ML) software supply chain following the discovery of more than 20 vulnerabilities that could be exploited to target MLOps platforms. These vulnerabilities, which are described as inherent- and implementation-based flaws, could have severe consequences, ranging from arbitrary code execution to loading Go to […]
Nowadays, sensitive and critical data is traveling in everyday business channels that offer only the basic level of security and encryption, and companies are often oblivious to the risk. A case in point: Disney suffered a devastating data leak by a hacktivist group known as NullBulge that got hold of over 1.2 terabytes of data […]