Skip to content
information security Page 14

information security

CISA Urges Agencies to Patch Critical “Array Networks” Flaw Amid Active Attacks

CISA Urges Agencies to Patch Critical “Array Networks” Flaw Amid Active Attacks

Nov 26, 2024Ravie LakshmananVulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a now-patched critical security flaw impacting Array Networks AG and vxAG secure access gateways to its Known… 

Google’s New Restore Credentials Tool Simplifies App Login After Android Migration

Google’s New Restore Credentials Tool Simplifies App Login After Android Migration

Nov 25, 2024Ravie LakshmananMobile Security / Privacy Google has introduced a new feature called Restore Credentials to help users restore their account access to third-party apps securely after migrating to a new Android device. Part… 

PyPI Python Library “aiocpa” Found Exfiltrating Crypto Keys via Telegram Bot

PyPI Python Library “aiocpa” Found Exfiltrating Crypto Keys via Telegram Bot

Nov 25, 2024Ravie LakshmananSoftware Supply Chain / Malware The administrators of the Python Package Index (PyPI) repository have quarantined the package “aiocpa” following a new update that included malicious code to exfiltrate private keys via… 

Cybersecurity Blind Spots in IaC and PaC Tools Expose Cloud Platforms to New Attacks

Cybersecurity Blind Spots in IaC and PaC Tools Expose Cloud Platforms to New Attacks

Nov 25, 2024Ravie LakshmananCloud Security / Supply Chain Attack Cybersecurity researchers have disclosed two new attack techniques against infrastructure-as-code (IaC) and policy-as-code (PaC) tools like HashiCorp’s Terraform and Open Policy Agent (OPA) that leverage dedicated,… 

THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 18

THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 18

Nov 25, 2024Ravie LakshmananCybersecurity / Critical Updates We hear terms like “state-sponsored attacks” and “critical vulnerabilities” all the time, but what’s really going on behind those words? This week’s cybersecurity news isn’t just about hackers… 

Researchers Uncover Malware Using BYOVD to Bypass Antivirus Protections

Researchers Uncover Malware Using BYOVD to Bypass Antivirus Protections

Nov 25, 2024Ravie LakshmananMalware / Windows Security Cybersecurity researchers have uncovered a new malicious campaign that leverages a technique called Bring Your Own Vulnerable Driver (BYOVD) to disarm security protections and ultimately gain access to… 

North Korean Hackers Steal M with AI-Driven Scams and Malware on LinkedIn

North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedIn

Nov 23, 2024Ravie LakshmananArtificial Intelligence / Cryptocurrency The North Korea-linked threat actor known as Sapphire Sleet is estimated to have stolen more than $10 million worth of cryptocurrency as part of social engineering campaigns orchestrated…