Skip to content
cyber news Page 29

cyber news

GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions

GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions

Sep 19, 2024Ravie LakshmananEnterprise Security / DevOps GitLab has released patches to address a critical flaw impacting Community Edition (CE) and Enterprise Edition (EE) that could result in an authentication bypass. The vulnerability is rooted… 

Read More »GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions
New “Raptor Train” IoT Botnet Compromises Over 200,000 Devices Worldwide

New “Raptor Train” IoT Botnet Compromises Over 200,000 Devices Worldwide

Cybersecurity researchers have uncovered a never-before-seen botnet comprising an army of small office/home office (SOHO) and IoT devices that are likely operated by a Chinese nation-state threat actor called Flax Typhoon (aka Ethereal Panda or… 

Read More »New “Raptor Train” IoT Botnet Compromises Over 200,000 Devices Worldwide
Chinese Engineer Charged in U.S. for Years-Long Cyber Espionage Targeting NASA and Military

Chinese Engineer Charged in U.S. for Years-Long Cyber Espionage Targeting NASA and Military

A Chinese national has been indicted in the U.S. on charges of conducting a “multi-year” spear-phishing campaign to obtain unauthorized access to computer software and source code created by the National Aeronautics and Space Administration… 

Read More »Chinese Engineer Charged in U.S. for Years-Long Cyber Espionage Targeting NASA and Military
North Korean Hackers Target Energy and Aerospace Industries with New MISTPEN Malware

North Korean Hackers Target Energy and Aerospace Industries with New MISTPEN Malware

Sep 18, 2024Ravie LakshmananCyber Espionage / Malware A North Korea-linked cyber-espionage group has been observed leveraging job-themed phishing lures to target prospective victims in energy and aerospace verticals and infect them with a previously undocumented… 

Read More »North Korean Hackers Target Energy and Aerospace Industries with New MISTPEN Malware
Chrome Introduces One-Time Permissions and Enhanced Safety Check for Safer Browsing

Chrome Introduces One-Time Permissions and Enhanced Safety Check for Safer Browsing

Sep 18, 2024Ravie LakshmananBrowser Security / Privacy Google has announced that it’s rolling out a new set of features to its Chrome browser that gives users more control over their data when surfing the internet… 

Read More »Chrome Introduces One-Time Permissions and Enhanced Safety Check for Safer Browsing
GSMA Plans End-to-End Encryption for Cross-Platform RCS Messaging

GSMA Plans End-to-End Encryption for Cross-Platform RCS Messaging

Sep 18, 2024Ravie LakshmananMobile Security / Encryption The GSM Association, the governing body that oversees the development of the Rich Communications Services (RCS) protocol, on Tuesday, said it’s working towards implementing end-to-end encryption (E2EE) to… 

Read More »GSMA Plans End-to-End Encryption for Cross-Platform RCS Messaging
Patch Issued for Critical VMware vCenter Flaw Allowing Remote Code Execution

Patch Issued for Critical VMware vCenter Flaw Allowing Remote Code Execution

Sep 18, 2024Ravie LakshmananVirtualization / Network Security Broadcom on Tuesday released updates to address a critical security flaw impacting VMware vCenter Server that could pave the way for remote code execution. The vulnerability, tracked as… 

Read More »Patch Issued for Critical VMware vCenter Flaw Allowing Remote Code Execution
U.S. Treasury Sanctions Executives Linked to Intellexa Predator Spyware Operation

U.S. Treasury Sanctions Executives Linked to Intellexa Predator Spyware Operation

Sep 17, 2024Ravie LakshmananSpyware / Privacy The U.S. Department of Treasury has imposed fresh sanctions against five executives and one entity with ties to the Intellexa Consortium for their role in the development, operation, and… 

Read More »U.S. Treasury Sanctions Executives Linked to Intellexa Predator Spyware Operation