data breach

GitLab Releases Patch for Critical CI/CD Pipeline Vulnerability and 13 Others

Jun 28, 2024NewsroomSoftware Security / DevOps GitLab has released security updates to address 14 security flaws, including one critical vulnerability that could be exploited to run continuous integration and continuous deployment (CI/CD) pipelines as any…

8220 Gang Exploits Oracle WebLogic Server Flaws for Cryptocurrency Mining

Jun 28, 2024NewsroomMalware / Cryptocurrency Security researchers have shed more light on the cryptocurrency mining operation conducted by the 8220 Gang by exploiting known security flaws in the Oracle WebLogic Server. “The threat actor employs…

How to Stay Ahead of Threat Actors

The modern kill chain is eluding enterprises because they aren’t protecting the infrastructure of modern business: SaaS. SaaS continues to dominate software adoption, and it accounts for the greatest share of public cloud spending. But…

New SnailLoad Attack Exploits Network Latency to Spy on Users’ Web Activities

Jun 28, 2024NewsroomNetwork Security / Data Protection A group of security researchers from the Graz University of Technology have demonstrated a new side-channel attack known as SnailLoad that could be used to remotely infer a…

Researchers Warn of Flaws in Widely Used Industrial Gas Analysis Equipment

Jun 28, 2024NewsroomIndustrial Security / Critical Infrastructure Multiple security flaws have been disclosed in Emerson Rosemount gas chromatographs that could be exploited by malicious actors to obtain sensitive information, induce a denial-of-service (DoS) condition, and…

TeamViewer Detects Security Breach in Corporate IT Environment

Jun 28, 2024NewsroomData Breach / Enterprise Security TeamViewer on Thursday disclosed it detected an “irregularity” in its internal corporate IT environment on June 26, 2024. “We immediately activated our response team and procedures, started investigations…

Startups scramble to assess fallout from Evolve Bank data breach

by Lorenzo Franceschi-Bicchierai, Mary Ann Azevedo
June 27, 2024
I.T. Today
4 min read

On Wednesday, Evolve Bank and Trust, a financial institution that’s popular with fintech startups, announced that it had been victim of a cyberattack and data breach that could have affected its partner companies as well. …

Rust-Based P2PInfect Botnet Evolves with Miner and Ransomware Payloads

The peer-to-peer malware botnet known as P2PInfect has been found targeting misconfigured Redis servers with ransomware and cryptocurrency miners. The development marks the threat’s transition from what appeared to be a dormant botnet with unclear…

The Secrets of Hidden AI Training on Your Data

Jun 27, 2024The Hacker NewsArtificial Intelligence / SaaS Security While some SaaS threats are clear and visible, others are hidden in plain sight, both posing significant risks to your organization. Wing’s research indicates that an…

Prompt Injection Flaw in Vanna AI Exposes Databases to RCE Attacks

Cybersecurity researchers have disclosed a high-severity security flaw in the Vanna.AI library that could be exploited to achieve remote code execution vulnerability via prompt injection techniques. The vulnerability, tracked as CVE-2024-5565 (CVSS score: 8.1), relates…

« Previous
1
…
60
61
62
63
64
…
145
Next »