Tag: Potential

18 Apr

Introducing Microsoft’s Cyber Security Assistant Powered by AI Technology

Microsoft Unveils 'Security Copilot' Tool to Boost Cybersecurity Efforts. Microsoft has launched a new tool designed to help cyber security professionals detect and identify breaches and threat signals more efficiently. Called 'Security Copilot', the tool is powered by OpenAI's latest GPT-4 generative artificial intelligence model. Its primary function is to aid security analysts in tasks such as summarising incidents, analysing vulnerabilities, and sharing information with colleagues...

13 Apr

Aruba Networks releases patch to fix ClearPass software vulnerabilities

in Cyber Security, Cybersecurity

Comments

Aruba Networks Releases Patches for Eight Vulnerabilities in ClearPass Policy Manager Software. Aruba Networks, a leading provider of network access enforcement solutions, has recently disclosed a set of patches to address eight vulnerabilities in its ClearPass Policy Manager software. The software is used to enforce unified network access across wireless, wired, and VPN networks. The most severe vulnerability, CVE-2023-25589, was discovered by New Zealander pentester Daniel Jensen....

08 Apr

The LastPass Data Breach: Failure to Update Plex Software by Engineer Resulted in a Major Security Breach.

in Cyber Security, Cybersecurity

Comments

LastPass Breach Resulted from Failure to Update Plex Software. A recent breach at LastPass, a popular password management service, has been attributed to the failure of one of its engineers to update Plex software on their home computer. This serves as a reminder of the importance of keeping software up-to-date to avoid potential security risks. The breach occurred when unidentified actors leveraged information stolen from a previous...

23 Mar

BlackLotus Malware Successfully Bypasses Secure Boot on Windows 11, Becoming First UEFI Bootkit

in Cyber Security, Cybersecurity

Comments

Today marks a significant milestone in the cyber threat landscape, as the first publicly known malware capable of bypassing Secure Boot defenses has been discovered. Dubbed BlackLotus, the stealthy Unified Extensible Firmware Interface (UEFI) bootkit is being offered for sale at $5,000 and is programmed in Assembly and C. According to ESET, a Slovak cybersecurity company, BlackLotus is capable of running on fully up-to-date Windows 11...

19 Mar

Fortinet FortiNAC Urged to Address Critical Vulnerability

in Cyber Security, Cybersecurity, Vulnerabilities

Comments

The security of Fortinet FortiNAC appliances is under attack, with proof-of-concept exploit code now available and active exploitation attempts in the wild. FortiNAC is a zero-trust network access solution that can be deployed both as a hardware device or as a virtual machine appliance, and is used for network segmentation, visibility, and control of devices and users connected to the network. With more than 700,000 Fortinet...

18 Mar

Medibank Reports Details of 2022 Security Breach, Including Attack Vector and Cost (too little too late)

in Cyber Security, Cybersecurity

Comments

Medibank has suffered a financial blow of up to $45 million as a result of a security breach in October. The attack saw an intruder gain access to the insurer's systems using a misconfigured firewall, bypassing the need for a digital security certificate. In response, Medibank has implemented additional security measures, including increased internal and third-party monitoring, and re-examining data management in light of potential changes...

23 Feb

Good Guys Retailer Alerts Customers of Potential Data Breach

in Cyber Security, Cybersecurity

Comments

Have the Bad Guys done a number on the Good Guys? The Good Guys has become the latest company to reveal that its customers have been affected by a data breach that occurred at My Rewards - a 3rd part loyalty program provider. The breach, which occurred in August 2021, exposed limited customer data such as names, addresses, phone numbers and email addresses. In some cases, an...

16 Feb

Wireless IIoT Device Vulnerabilities Pose Risk to Critical Infrastructure

in Cyber Security, Cybersecurity

Comments

A set of 38 security vulnerabilities has been uncovered in wireless industrial internet of things (IIoT) devices from four different vendors that could pose a significant attack surface for threat actors looking to exploit operational technology (OT) environments. "Threat actors can exploit vulnerabilities in Wireless IIoT devices to gain initial access to internal OT networks," Israeli...

Potential Tag

Introducing Microsoft’s Cyber Security Assistant Powered by AI Technology

Aruba Networks releases patch to fix ClearPass software vulnerabilities

BlackLotus Malware Successfully Bypasses Secure Boot on Windows 11, Becoming First UEFI Bootkit

Fortinet FortiNAC Urged to Address Critical Vulnerability

Medibank Reports Details of 2022 Security Breach, Including Attack Vector and Cost (too little too late)

Good Guys Retailer Alerts Customers of Potential Data Breach

Wireless IIoT Device Vulnerabilities Pose Risk to Critical Infrastructure

Cloud Backup Feature for TOTP Codes Now Available on Google Authenticator App

Accounts left vulnerable to permanent compromise due to Google OAuth bug

How Fancy Bear Infected Routers Using an Old SNMP Bug

AI-generated YouTube videos used to distribute difficult-to-detect malware loader

Navigation

Connect with us on social