Cisco has issued a security advisory regarding a critical remote code execution (RCE) vulnerability, dubbed “regreSSHion,” that affects multiple products. The vulnerability tracked as CVE-2024-6387, was disclosed by the Qualys Threat Research Unit on July 1, 2024. It impacts the OpenSSH server (sshd) in glibc-based Linux systems and has the potential to allow unauthenticated attackers…
Investment scams primarily operate through social media and messaging platforms like WhatsApp and Telegram. CloudSEK found a surge in malicious content on these platforms — over 29,000 fraudulent ads on Facebook and a 81,000 fake investment groups on WhatsApp. The report covers an in-depth report exposing a troubling rise in investment scams targeting individuals in…
Shockwaves from the Russian government’s hack of Microsoft’s corporate infrastructure continue to spread with news that the software giant is notifying surprised customers that their emails were also stolen by the Midnight Blizzard hackers. According to published reports, Redmond’s incident response team is providing a secure portal for customers to view specifics of emails stolen…
A team of researchers from the University of California San Diego has published a paper detailing a novel attack method targeting Intel CPUs. The chip giant says no new mitigations are required to address it. The new attack, named Indirector, is similar to the well-known Spectre v2 or Spectre Branch Target Injection (BTI) attack. These methods typically allow…
Santosh Sheshware has assumed the roles of Chief Information Security Officer and Head of Information Security at Aditya Birla Sun Life Insurance. This is a significant step towards enhancing the company’s cybersecurity framework. With over 17 years of experience in information security across prominent organizations like Bharti AXA Life, PNB MetLife, India Infoline group, HSBC,…
Companies in the market for cybersecurity professionals could face a new method of attack, made harder to spot because of artificial intelligence: Hackers posing as job applicants. As cyber threats targeting U.S. companies multiply, some security leaders have increased scrutiny during hiring to weed out bad actors—or simply applicants with over-embellished resumes. Globally, the cyber…
The Indian Computer Emergency Response Team has found multiple vulnerabilities in the Microsoft Edge browser. As per the agency, these vulnerabilities could potentially be exploited by an attacker to compromise the targeted system. After warning Android users of vulnerability, the Indian Computer Emergency Response Team (CERT-In), which operates under the Ministry of Electronics & Information…
Santa Barbara Systems, a General Dynamics (GD.N) subsidiary in Spain that is refurbishing Leopard tanks for delivery to Ukraine, suffered a cyberattack on its website, a pro-Russia hacker group said. A spokesperson for General Dynamics confirmed that the defence contractor’s Spanish unit had been targeted in an attempted cyberattack “that was detected immediately and has not…
On Sunday, Trend Micro announced its collaboration with Nvidia to develop new cybersecurity tools utilizing artificial intelligence, aimed at securing the data centers where AI operations occur. These tools, showcased at the Computex conference in Taiwan, are designed to run on Nvidia’s chips, detecting intruders and ensuring that only authorized personnel can access sensitive data….
Joe Levy, who has been serving as acting CEO since 15 February, brings nearly three decades of experience in cybersecurity product development and leadership to his new role. Levy also spearheaded the creation of SophosAI and Sophos X-Ops, an operational threat intelligence unit comprising over 500 cybersecurity operators and threat intelligence experts. Sophos said this…
