Google Alerts Users to Exploited Vulnerability in Pixel Firmware Google has issued a warning regarding a security vulnerability affecting Pixel Firmware that is currently being exploited in the wild. Labeled as a zero-day flaw, this high-severity issue, identified by the code CVE-2024-32896, is categorized as an elevation of privilege vulnerability.…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a deadline of November 17, 2023, for federal agencies and organizations to implement security mitigations against several vulnerabilities identified in the Juniper Junos OS, which were disclosed earlier in August. This move comes in light of growing concerns surrounding the…
New Hacking Campaign by TeamTNT Targets Exposed Docker Daemons A recent report by cybersecurity researchers at Aqua Nautilus has unveiled a sophisticated campaign orchestrated by TeamTNT, a hacking group with a notorious reputation for its relentless attacks on cloud-native environments. This campaign exploits exposed Docker daemons, allowing TeamTNT to deploy…
Live Webinar: Integrating Remote Access with Threat Detection to Protect EU Operational Technology Environments The cybersecurity landscape is evolving, with recent incidents underscoring the urgent need for cohesive strategies in remote access and threat detection. A pivotal live webinar is set to explore how these elements can be unified to…
Cloud communications company Twilio has recently reported a significant security incident involving its Authy application, a widely used two-factor authentication (2FA) service. According to a recent statement, attackers exploited an unauthenticated endpoint within Authy, potentially exposing sensitive information linked to user accounts, specifically cell phone numbers. This vulnerability underscores the…
In 2024, organizations navigated a complex landscape of emerging cybersecurity regulations as governments around the world introduced stricter mandates aimed at safeguarding privacy and data security across various sectors. While these regulations emerged, security and risk leaders raced to fortify their defenses against evolving technologies, such as generative AI (genAI),…
Emerging Threat: Exploitation of Machine Learning Models via Sleepy Pickle Attacks Recent revelations spotlight significant vulnerabilities within the widely utilized Pickle format, particularly concerning machine learning (ML) models. A new attack technique, referred to as Sleepy Pickle, has been identified, which leverages this format to compromise ML models themselves. This…
Russian state-sponsored cyber espionage activities have recently come under scrutiny as actors associated with the Federal Security Service (FSB) deploy a new malware variant known as LitterDrifter. This USB worm has been specifically used to breach defenses of various entities within Ukraine, raising significant alert levels among cybersecurity experts. Check…
Tim Grieveson Appointed Senior Vice President – Global Cyber Security Risk Advisor at Bitsight Former CSO Brings Extensive Experience in Cybersecurity Leadership Tim Grieveson has joined Bitsight as their Senior Vice President and Global Cyber Security Risk Advisor, where he will leverage his extensive experience in cybersecurity to aid organizations…
