Google patches critical vulnerability for Androids with Qualcomm chips

In April’s update for the Android operating system (OS), Google has patched 28 vulnerabilities, one of which is rated critical for Android devices equipped with Qualcomm chips. You can find your device’s Android version number, security update level, and Google Read More …

Unveiling the Fallout: Operation Cronos’ Impact on LockBit Following Landmark Disruption

The RaaS group LockBit that has been in operation since early 2020, grew to become one of the largest RaaS groups in the ransomware ecosphere and was responsible for 25% to 33% of all ransomware attacks in 2023. The group Read More …

CVE-2024-0394: Rapid7 Minerva Armor Privilege Escalation (FIXED)

Rapid7 is disclosing CVE-2024-0394, a privilege escalation vulnerability in Rapid7 Minerva’s Armor product family. Minerva uses the open-source OpenSSL library for cryptographic functions and to support secure communications. The root cause of this vulnerability is Minerva’s implementation of OpenSSL’s OPENSSLDIR Read More …

OWASP Foundation reveals data breach following Wiki web server issue

The Open Worldwide Application Security Project (OWASP) suffered a data breach in late February 2024 resulting in the exposure of sensitive data belonging to some of its members. In an announcement published on the OWASP website, Executive Director Andrew van Read More …

Cyberthreats in the transportation industry

Transportation is a key economic sector. It spans a multitude of diverse companies engaged in logistics, urban transit, land and air cargo and passenger conveyance, and other activities. The transportation system performs critical functions that support nationwide objectives by connecting Read More …

Prudential Financial February incident exposed data of nearly 37K customers

Prudential Financial disclosed that 36,545 individuals had personal information stolen in an early February breach that was claimed by ALPHV/BlackCat, the group also responsible for the Change Healthcare ransomware attack. In a letter to consumers March 29, the large insurance Read More …

Top yacht retailer MarineMax says cyberattack led to major online data breach

MarineMax has confirmed suffering a cyberattack, thought to be ransomware, in which threat actors stole sensitive customer information. In an 8-K form, filed with the Securities and Exchange Commission (SEC) on April 1, the company, one of the leading yacht Read More …

Scottish law firm Scullion Law suffers cyber attack

Scullion Law, which has offices on George Street Edinburgh, as well as in Glasgow, Hamilton and Madrid, had 155GB of data stolen in the attack by Black Basta. A spokesperson for the award-winning firm said: “We can confirm that we Read More …

OpenAI’s new ‘Voice Engine’ clones your voice in only 15 seconds

As artificial intelligence (AI) continues to advance rapidly, ChatGPT maker OpenAI is at the forefront of this progress. The research lab has unveiled a powerful new voice cloning technology called Voice Engine. With just a 15-second audio sample, it can Read More …

Backdoor found in widely used Linux utility targets encrypted SSH connections

Researchers have found a malicious backdoor in a compression tool that made its way into widely used Linux distributions, including those from Red Hat and Debian. The compression utility, known as xz Utils, introduced the malicious code in versions ​​5.6.0 Read More …