On July 1, 2024, OpenSSH released fixes for CVE-2024-6387, a vulnerability in OpenSSH’s server (sshd) on glibc-based Linux systems allowing for potential Remote Code Execution (RCE). OpenSSH is a widely-used suite of secure networking tools based on the SSH protocol, providing encryption for secure communication and file transfers, and is essential for remote management on Unix systems. CVE-2024-6387 is a signal handler race condition that allows unauthenticated Remote Code Execution (RCE) as root.

On June 26, 2024, TeamViewer published a statement disclosing they detected an irregularity in TeamViewer’s internal corporate IT environment. TeamViewer is an organization that provides remote access software for devices and is extensively utilized by businesses and individuals globally. Upon detecting the incident on June 26th, TeamViewer immediately activated their response team and procedures and started investigations while implementing necessary remediation measures.

On June 24, 2024, cybersecurity company Sansec published a security advisory detailing how an associated Polyfill domain (cdn.polyfillio) was being used to insert malicious code in scripts served to mobile end users in a web supply chain attack. Polyfill is a popular open-source JavaScript library embedded in more than 100,000 websites to provide polyfills, a small piece of code (usually JavaScript) that helps provide modern functionality on older browsers.

In the rapidly evolving landscape of artificial intelligence (AI), ensuring robust security and compliance is becoming more difficult for enterprises. AI audit logs emerge as a critical tool in this mission, offering a detailed record of all activities within AI systems. By leveraging these logs, businesses can enhance their security posture, ensure regulatory compliance, and optimize AI usage. Let's delve into how AI audit logs can serve as a secret weapon in bolstering enterprise security.

What likely started as a quick ransomware “smash and grab” has turned into a headline case resulting in responses from both U.K. and U.S. law enforcement. Earlier this month, several larger London hospitals suddenly had no access to lab results. It turned out to be the result of a ransomware attack on laboratory partner Synnovis that crippled hospitals and health services that rely on Synnovis.

A hacked customer support portal belonging to router manufacturer Mercku is being used to respond to customer queries with phishing emails, BleepingComputer reports. If a customer files a support ticket through the company’s Zendesk portal, they’ll receive an automated response that attempts to trick them into granting access to their Metamask cryptocurrency account.

The CISO of a major insurance company recently switched from Microsoft to CrowdStrike for endpoint and identity security following a ransomware incident that Microsoft Defender failed to block. The following Q&A explains what happened, the fallout with Microsoft and how CrowdStrike delivered the protection, consolidation and support the CISO needed. Describe your security posture before the incident. I joined the company as CISO a few years ago.

Although using Cash App is a convenient way to receive money from people you already know, Cash App is not safe when receiving money from strangers. Whenever you use a payment app like Cash App, it’s always better to receive money from people you trust to avoid being scammed by a stranger. Other payment apps besides Cash App include PayPal, Venmo, Zelle, Apple Pay and Chime, among others.

Some examples of social engineering attacks include phishing, pretexting, scareware, baiting, vishing, smishing and CEO fraud. If you are unsure what qualifies as social engineering, imagine how many ways someone can manipulate you to reveal private information. Threat actors use these psychological techniques, both in person and online, to gain access to your personal or organizational information. These bad actors can install malware on your device, steal your information and even take your identity.