Security News
HPE investigates new breach after data for sale on hacking forum
Hewlett Packard Enterprise (HPE) is investigating a potential new breach after a threat actor put allegedly stolen data up for sale on a hacking forum, claiming it contains HPE credentials and other sensitive information. […]
Clorox says cyberattack caused $49 million in expenses
Clorox has confirmed that a September 2023 cyberattack has so far cost the company $49 million in expenses related to the response to the incident. […]
AnyDesk says hackers breached its production servers, reset passwords
AnyDesk confirmed today that it suffered a recent cyberattack that allowed hackers to gain access to the company’s production systems. BleepingComputer has learned that source code and private code signing keys were stolen during the attack. […]
Russian APT28 Hackers Targeting High-Value Orgs with NTLM Relay Attacks
Russian state-sponsored actors have staged NT LAN Manager (NTLM) v2 hash relay attacks through various methods from April 2022 to November 2023, targeting high-value targets worldwide.
The attacks, attributed to an “aggressive” hacking crew called APT28, have set their eyes on organizations dealing with foreign affairs, energy, defense, and transportation, as well as those involved with
81% of Underwriters Expect Cyber Insurance Premiums to Increase as Risk is Expected to Soar
New data from cyber insurance underwriters shows what they think the biggest threats will be in 2024 and what organizations should do about it.
Italian Data Protection Watchdog Accuses ChatGPT of Privacy Violations
Italy’s data protection authority (DPA) has notified ChatGPT-maker OpenAI of supposedly violating privacy laws in the region.
“The available evidence pointed to the existence of breaches of the provisions contained in the E.U. GDPR [General Data Protection Regulation],” the Garante per la protezione dei dati personali (aka the Garante) said in a statement on Monday.
It also said it
New ZLoader Malware Variant Surfaces with 64-bit Windows Compatibility
Threat hunters have identified a new campaign that delivers the ZLoader malware, resurfacing nearly two years after the botnet’s infrastructure was dismantled in April 2022.
A new variant of the malware is said to have been in development since September 2023, Zscaler ThreatLabz said in an analysis published this month.
“The new version of Zloader made significant changes to the loader
Assessing and quantifying AI risk: A challenge for enterprises
Artificial intelligence can help businesses through automation or by improving existing tasks, but like any technology it comes with risks if not managed well. For those businesses that decided to build their own AI or buy software that has AI embedded in it, assessing its risks is an important step to ensuring compliance and data security.
Juniper Networks Releases Urgent Junos OS Updates for High-Severity Flaws
Juniper Networks has released out-of-band updates to address high-severity flaws in SRX Series and EX Series that could be exploited by a threat actor to take control of susceptible systems.
The vulnerabilities, tracked as CVE-2024-21619 and CVE-2024-21620, are rooted in the J-Web component and impact all versions of Junos OS. Two other shortcomings, CVE-2023-36846 and
45k Jenkins servers exposed to RCE attacks using public exploits
Researchers found roughly 45,000 Jenkins instances exposed online that are vulnerable to CVE-2024-23897, a critical remote code execution (RCE) flaw for which multiple public proof-of-concept (PoC) exploits are in circulation. […]