Logitech: ‘Forever mouse’ was just a (bad) idea
Take a deep breath, everyone. Logitech’s “forever mouse” won’t be coming to market after all. Logitech’s idea of a mouse that you’d buy once and pay for forever is just a “peek” into a possible…
INTERPOL Recovers $41 Million in Largest Ever BEC Scam in Singapore
Aug 06, 2024Ravie LakshmananEmail Security / Financial Fraud INTERPOL said it devised a “global stop-payment mechanism” that helped facilitate the largest-ever recovery of funds defrauded in a business email compromise (BEC) scam. The development comes…
Cyberattack knocks Mobile Guardian MDM offline and wipes thousands of student devices
A cyberattack on Mobile Guardian, a U.K.-based provider of educational device management software, has sparked outages at schools across the world and has left thousands of students unable to access their files. Mobile Guardian acknowledged…
Delta Electronics DIAScreen | CISA
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: Delta Electronics Equipment: DIAScreen Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause…
CISA Releases Secure by Demand Guide
Helps organizations buying software understand manufacturers approach to cybersecurity WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) released today Secure by Demand Guide: How Software Customers Can Drive a…
North Korean Hackers Moonstone Sleet Push Malicious JS Packages to npm Registry
Aug 06, 2024Ravie LakshmananMalware / Windows Security The North Korea-linked threat actor known as Moonstone Sleet has continued to push malicious npm packages to the JavaScript package registry with the aim of infecting Windows systems,…
Insider Threats in The SaaS World
Aug 06, 2024The Hacker NewsSaaS Security / Threat Detection Everyone loves the double-agent plot twist in a spy movie, but it’s a different story when it comes to securing company data. Whether intentional or unintentional,…
New Android Spyware LianSpy Evades Detection Using Yandex Cloud
Aug 06, 2024Ravie LakshmananAndroid / Malware Users in Russia have been the target of a previously undocumented Android post-compromise spyware called LianSpy since at least 2021. Cybersecurity vendor Kaspersky, which discovered the malware in March…
Google Patches New Android Kernel Vulnerability Exploited in the Wild
Aug 06, 2024Ravie LakshmananMobile Security / Vulnerability Google has addressed a high-severity security flaw impacting the Android kernel that it said has been actively exploited in the wild. The vulnerability, tracked as CVE-2024-36971, has been…
New Zero-Day Flaw in Apache OFBiz ERP Allows Remote Code Execution
Aug 06, 2024Ravie LakshmananEnterprise Security / Vulnerability A new zero-day pre-authentication remote code execution vulnerability has been disclosed in the Apache OFBiz open-source enterprise resource planning (ERP) system that could allow threat actors to achieve…