Search the Portal

Recent Articles

JUN17
ASUS Patches Critical Authentication Bypass Flaw in Multiple Router Models

ASUS has shipped software updates to address a critical security flaw impacting its routers that could be exploited by malicious actors to bypass authentication. Tracked as CVE-2024-3080, the vulnerability carries a CVSS score of 9.8 out of a maximum of 10.0. "Certain ASUS router models have authentication bypass vulnerability, allowing unauthenticated remote attackers to log in the device,"

The Hacker News by info@thehackernews.com (The Hacker News)
JUN17
Tech Leaders to Gather for AI Risk Summit at the Ritz-Carlton, Half Moon Bay June 25-26, 2024

SecurityWeek’s AI Risk Summit + CISO Forum bring together business and government stakeholders to provide meaningful guidance on risk management and cybersecurity in the age of artificial intelligence. The post Tech Leaders to Gather for AI Risk Summit at the Ritz-Carlton, Half Moon Bay June 25-26, 2024 appeared first on SecurityWeek.

Security Week by SecurityWeek News
JUN17
CISA Conducts First AI Cyber Incident Response Exercise

The US cybersecurity agency CISA has conducted a tabletop exercise with the private sector focused on AI cyber incident response. The post CISA Conducts First AI Cyber Incident Response Exercise appeared first on SecurityWeek.

Security Week by Ionut Arghire
JUN17
Keytronic Says Personal Information Stolen in Ransomware Attack

Keytronic confirms that personal information was compromised after a ransomware group leaked allegedly stolen data. The post Keytronic Says Personal Information Stolen in Ransomware Attack appeared first on SecurityWeek.

Security Week by Ionut Arghire
JUN17
Insurance Company Globe Life Investigating Data Breach

US insurance company Globe Life is investigating a data breach involving unauthorized access to consumer and policyholder information. The post Insurance Company Globe Life Investigating Data Breach appeared first on SecurityWeek.

Security Week by Eduard Kovacs
JUN17
Aim Security Raises $18M to Secure Customers’ Implementation of AI Apps

Aim Security has raised a total of $28 million to date and is on a mission to help companies to implement AI products with confidence. The post Aim Security Raises $18M to Secure Customers’ Implementation of AI Apps appeared first on SecurityWeek.

Security Week by Kevin Townsend
JUN17
China-Linked Hackers Infiltrate East Asian Firm for 3 Years Using F5 Devices

A suspected China-nexus cyber espionage actor has been attributed as behind a prolonged attack against an unnamed organization located in East Asia for a period of about three years, with the adversary establishing persistence using legacy F5 BIG-IP appliances and using it as an internal command-and-control (C&C) for defense evasion purposes. Cybersecurity company Sygnia, which responded to

The Hacker News by info@thehackernews.com (The Hacker News)
JUN17
What is DevSecOps and Why is it Essential for Secure Software Delivery?

Traditional application security practices are not effective in the modern DevOps world. When security scans are run only at the end of the software delivery lifecycle (either right before or after a service is deployed), the ensuing process of compiling and fixing vulnerabilities creates massive overhead for developers. The overhead that degrades velocity and puts production deadlines at risk.

The Hacker News by info@thehackernews.com (The Hacker News)
JUN17
200,000 Impacted by Data Breach at Los Angeles County Public Health Agency

The LA County’s Department of Public Health says the personal information of 200,000 was compromised in a data breach. The post 200,000 Impacted by Data Breach at Los Angeles County Public Health Agency appeared first on SecurityWeek.

Security Week by Ionut Arghire
JUN17
UK Man Suspected of Being ‘Scattered Spider’ Leader Arrested

A British man has been arrested in Spain for allegedly being the ringleader of the notorious Scattered Spider cybercrime group. The post UK Man Suspected of Being ‘Scattered Spider’ Leader Arrested appeared first on SecurityWeek.

Security Week by Eduard Kovacs
JUN17
Nigerian Faces Prison in US After BEC Fraud Conviction

Nigerian national Ebuka Raphael Umeti was convicted in the US for operating a business email compromise (BEC) scheme. The post Nigerian Faces Prison in US After BEC Fraud Conviction appeared first on SecurityWeek.

Security Week by Ionut Arghire
JUN17
Hackers Exploit Legitimate Websites to Deliver BadSpace Windows Backdoor

Legitimate-but-compromised websites are being used as a conduit to deliver a Windows backdoor dubbed BadSpace under the guise of fake browser updates. "The threat actor employs a multi-stage attack chain involving an infected website, a command-and-control (C2) server, in some cases a fake browser update, and a JScript downloader to deploy a backdoor into the victim's system," German

The Hacker News by info@thehackernews.com (The Hacker News)
JUN17
NiceRAT Malware Targets South Korean Users via Cracked Software

Threat actors have been observed deploying a malware called NiceRAT to co-opt infected devices into a botnet. The attacks, which target South Korean users, are designed to propagate the malware under the guise of cracked software, such as Microsoft Windows, or tools that purport to offer license verification for Microsoft Office. "Due to the nature of crack programs, information sharing amongst

The Hacker News by info@thehackernews.com (The Hacker News)
JUN15
U.K. Hacker Linked to Notorious Scattered Spider Group Arrested in Spain

Law enforcement authorities have allegedly arrested a key member of the notorious cybercrime group called Scattered Spider. The individual, a 22-year-old man from the United Kingdom, was arrested this week in the Spanish city of Palma de Mallorca as he attempted to board a flight to Italy. The move is said to be a joint effort between the U.S. Federal Bureau of Investigation (FBI) and the

The Hacker News by info@thehackernews.com (The Hacker News)
JUN15
Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider, a cybercrime group suspected of hacking into Twilio, LastPass, DoorDash, Mailchimp, and nearly 130 other organizations over the...

Krebs on Security by BrianKrebs