SecurityWeek

Intel has published 41 new May 2024 Patch Tuesday advisories covering a total of more than 90 vulnerabilities. 

The post Intel Publishes 41 Security Advisories for Over 90 Vulnerabilities  appeared first on SecurityWeek.

The Spanish bank Santander said customers in Chile, Spain and Uruguay are affected by a data breach at a third-party provider.

The post Santander Data Breach Impacts Customers, Employees appeared first on SecurityWeek.

The Ebury Linux botnet has ensnared over 400,000 Linux systems in 15 years, with roughly 100,000 still infected.

The post 400,000 Linux Servers Hit by Ebury Botnet  appeared first on SecurityWeek.

Singing River Health System says the personal information of roughly 900,000 individuals was stolen in an August 2023 ransomware attack.

The post 900k Impacted by Data Breach at Mississippi Healthcare Provider appeared first on SecurityWeek.

Apple and Google have rolled out a new mobile feature that warns users of unwanted trackers moving with them.

The post Unwanted Tracking Alerts Rolling Out to iOS, Android appeared first on SecurityWeek.

The group recommends that Congress draft emergency spending legislation to boost U.S. investments in artificial intelligence, including new R&D and testing standards to understand the technology's potential harms.

The post Senators Urge $32 Billion in Emergency Spending on AI After Finishing Yearlong Review appeared first on SecurityWeek.

Several ICS vendors released advisories on Tuesday to inform customers about vulnerabilities found in their products. 

The post ICS Patch Tuesday: Advisories Published by Siemens, Rockwell, Mitsubishi Electric appeared first on SecurityWeek.

Vermont legislature passed a bill that prohibits the sale of sensitive data, such as social security and drivers’ license numbers, financial or health information.

The post Vermont Legislature Passes One of the Strongest Data Privacy Measures in the Country appeared first on SecurityWeek.

Patch Tuesday: Microsoft documents 60 security flaws in multiple software products and flags an actively exploited Windows zero-day for urgent attention.

The post Microsoft Warns of Active Zero-Day Exploitation, Patches 60 Windows Vulnerabilities appeared first on SecurityWeek.

Adobe documents multiple code execution flaws in a wide range of products, including the widely deployed Adobe Acrobat and Reader software.

The post Adobe Patches Critical Flaws in Reader, Acrobat appeared first on SecurityWeek.

SAP has released 14 new and three updated security notes on its May 2024 Security Patch Day.

The post SAP Patches Critical Vulnerabilities in CX Commerce, NetWeaver appeared first on SecurityWeek.

VMware has patched three vulnerabilities exploited earlier this year at the Pwn2Own hacking competition.

The post VMware Patches Vulnerabilities Exploited at Pwn2Own 2024 appeared first on SecurityWeek.

Ron Reiter was a childhood hacker in Israel. He was recruited into the IDF’s elite Unit 8200 for his military service. Now he is CTO and co-founder of cybersecurity firm Sentra.

The post Hacker Conversations: Ron Reiter, and the Making of a Professional Hacker appeared first on SecurityWeek.

Threat actors are using DNS tunneling to track victims’ interaction with spam and to scan network infrastructures.

The post Attackers Use DNS Tunneling to Track Victim Activity, Scan Networks appeared first on SecurityWeek.

Google has announced patches for another Chrome vulnerability that has been exploited in attacks. This is the second zero-day addressed by the company in one week and the third flaw leveraged in malicious attacks in 2024. The new zero-day, tracked as CVE-2024-4761, has been described as a high-severity out-of-bounds write issue in the V8 JavaScript […]

The post Google Patches Second Chrome Zero-Day in One Week appeared first on SecurityWeek.

The City of Helsinki says usernames, email addresses, and personal information was stolen in a recent cyberattack.

The post Student, Personnel Information Stolen in City of Helsinki Cyberattack appeared first on SecurityWeek.

MITRE announced the public availability of the EMB3D threat model for embedded devices used in critical infrastructure.

The post MITRE EMB3D Threat Model Officially Released appeared first on SecurityWeek.

The FCC has issued a public notice on robocall scammer group ‘Royal Tiger’, the first designated threat actor.

The post FCC Warns of ‘Royal Tiger’ Robocall Scammers appeared first on SecurityWeek.

Zscaler has completed its investigation into the recent hacking claims and found that only an isolated test environment was compromised.

The post Zscaler Confirms Only Isolated Test Server Was Hacked appeared first on SecurityWeek.

Apple documents another zero-day flaw being exploited on older iPhones and documents security problems in macOS, iOS and iPadOS.

The post Apple Patch Day: Code Execution Flaws in iPhones, iPads, macOS appeared first on SecurityWeek.