IMF: Rising Cyber Threats Pose Serious Concerns for Financial Stability

Cyberattacks have more than doubled since the pandemic. While companies have historically suffered relatively modest direct losses from cyberattacks, some have experienced a much heavier toll. US credit reporting agency Equifax, for example, paid more than $1 billion in penalties Read More …

Improving Detection and Response: Making the Case for Deceptions

Let’s face it, most enterprises find it incredibly difficult to detect and remove attackers once they’ve taken over user credentials, exploited hosts or both. In the meantime, attackers are working on their next moves. That means data gets stolen and Read More …

The Illusion Of Privacy: Geolocation Risks In Modern Dating Apps

Dating apps traditionally utilize location data, offering the opportunity to connect with people nearby, and enhancing the chances of real-life meetings. Some apps can also display the distance of the user to other users. This feature is quite useful for Read More …

Google patches critical vulnerability for Androids with Qualcomm chips

In April’s update for the Android operating system (OS), Google has patched 28 vulnerabilities, one of which is rated critical for Android devices equipped with Qualcomm chips. You can find your device’s Android version number, security update level, and Google Read More …

CVE-2024-0394: Rapid7 Minerva Armor Privilege Escalation (FIXED)

Rapid7 is disclosing CVE-2024-0394, a privilege escalation vulnerability in Rapid7 Minerva’s Armor product family. Minerva uses the open-source OpenSSL library for cryptographic functions and to support secure communications. The root cause of this vulnerability is Minerva’s implementation of OpenSSL’s OPENSSLDIR Read More …

The impact of compromised backups on ransomware outcomes

There are two main ways to recover encrypted data in a ransomware attack: restoring from backups and paying the ransom. Compromising an organization’s backups enables adversaries to restrict their victim’s ability to recover encrypted data and dial-up the pressure to Read More …

Pakistan: Government establishes National CERT to counter cyber attacks

The federal government announced on Tuesday the formation of a National Computer Emergency Response Team (CERT). This initiative aims to fortify the country’s defenses against the growing threat of cyber attacks, providing essential awareness and protection measures to safeguard digital Read More …

Secure by Design Alert Eliminating SQL Injection Vulnerabilities in Software

SQL injection – or SQLi – vulnerabilities remain a persistent class of defect in commercial software products. Despite widespread knowledge and documentation of SQLi vulnerabilities over the past two decades, along with the availability of effective mitigations, software manufacturers have Read More …

UN General Assembly adopts landmark resolution on artificial intelligence

The UN General Assembly on Thursday adopted a landmark resolution on the promotion of “safe, secure and trustworthy” artificial intelligence (AI) systems that will also benefit sustainable development for all. The Assembly called on all Member States and stakeholders “to Read More …

Patch Ivanti Standalone Sentry and Ivanti Neurons for ITSM now

Ivanti has issued patches for two vulnerabilities. One was discovered in the Ivanti Standalone Sentry, which impacts all supported versions 9.17.0, 9.18.0, and 9.19.0. Older versions are also at risk. The other vulnerability impacts all supported versions of Ivanti Neurons Read More …