- What We Know About CVE-2024-49112 and CVE-2024-49113
January 4, 2025
In December 2024, two Windows Lightweight Directory Access Protocol (LDAP) vulnerabilities were identified by independent security researcher Yuki Chen: CVE-2024-49112, a remote code execution (RCE) flaw with a 9.8 CVSS score, and CVE-2024-49113, a denial-of-service (DoS) flaw with a 7.5 CVSS score. This blog entry provides an overview of these two vulnerabilities and includes information that ...
- A Windows filetype update may have complicated cyber threat detection efforts
January 4, 2025
The use of archive files as malware delivery mechanisms is evolving, presenting challenges for Secure Email Gateways (SEGs), new research has claimed. A recent report by Cofense highlights how cybercriminals exploit various archive formats to bypass security protocols, particularly following a significant update to Windows in late 2023. Traditionally, .zip files have been the most common ...
- Top AI Trends from 2024 – A Look Back
January 3, 2025
2024 may go down as the year AI stopped being a technological novelty and became—more consequentially—a Fact of Life. Big names like Microsoft, Salesforce, and Intuit built AI into mainstream enterprise solutions; specialized AI apps and services sprung up for everything from copywriting to data analysis; and governments, think tanks, and regulators poured effort into ...
- Apple to pay $95 million to settle claims it used Siri to eavesdrop on customers
January 2, 2025
Apple has agreed to pay $95 million to settle a civil lawsuit accusing the privacy-minded company of deploying its virtual assistant Siri to eavesdrop on people using its iPhone and other trendy devices. The proposed settlement filed Tuesday in an Oakland, California, federal court would resolve a 5-year-old lawsuit revolving around allegations that Apple surreptitiously activated ...
- Nigeria, South Africa, Algeria top targets for cyber attacks in 2024
January 1, 2025
In the first half of 2024, Nigeria saw 2,721 incidents, with the telecom sector, computer services sector, Data processing and hosting companies, and even local beauty salons having a fair dose of the attacks respectively. At the time, experts attributed the rise in cyberattacks to digital transformation initiatives the country was carrying out such as adoption ...
- Thomas Cook India website goes down after cyberattack
January 1, 2025
Thomas Cook India has announced that its IT infrastructure is under a cyberattack. The travel services provider also said it’s working with security experts to investigate the incident and will take necessary remedial actions. The company stated that it promptly took steps to investigate and respond upon discovering the incident, including shutting down affected systems. The company’s ...