Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Avast Threat Labs recently exposed and blocked a highly sophisticated malware operation known as GuptiMiner.

In an era where technology and transportation converge, the fusion of vehicles with IoT technologies heralds a new dawn of mobility. This leap forward promises enhanced connectivity and autonomous capabilities, yet casts a shadow of cyber vulnerabilities that could jeopardize not just the integrity of the vehicles but the safety of their passengers.

A command injection vulnerability, being tracked as CVE-2024-3400, was recently discovered in the GlobalProtect feature of Palo Alto Networks PAN-OS software. This vulnerability has a CVSS score of 10 (Critical) and is actively being exploited in the wild. It impacts versions PAN-OS 120.2, PAN-OS 11.0 and PAN-OS 11.1. If exploited on vulnerable PAN-OS versions and distinct feature configurations, an unauthenticated attacker could execute arbitrary code with root privileges on the firewall.

Despite being a globally accepted security measure, passwords have associated issues that have led to countless breaches and compromised systems over many years of not-so-secure authentication technology. Yet passwords remain the dominant form of authentication because more secure options have not been accessible to all users. Passwords have evolved into the security risk they are today because, as the security requirements for passwords have increased, usability has decreased.

We have all become pretty familiar with our smartphones due to the amount of time we spend on them. According to recent data, the average user spends 3 hours and 15 minutes on their phones every day. As a result, the chance of you noticing something is not quite right with your phone is quite high. However, knowing the cause of the problem and how to fix it can be slightly more difficult. Is your iPhone behaving strangely due to outdated software, age, or hardware problem?

In the ever-evolving cybersecurity landscape, staying ahead of threats is not just a priority but a necessity. Today, we’re announcing a strategic partnership with 4Data Solutions, a renowned technology solutions provider. This alliance is poised to redefine cybersecurity solutions across the UK while elevating the standards of protection for businesses worldwide.

New data shows phishing attacks are deviating from the traditional focus on technology and retail sectors and are opting for alternate brands with widespread appeal. I’ve covered plenty of reports about brand impersonation and it’s almost always Microsoft on top of the list. And with good reason: access to a Microsoft 365 account can give attackers a foothold and potential access to data, applications and more.

Global optics manufacturer Hoya had business operations at its headquarters and several business divisions impacted and is now facing a “No Negotiation / No Discount Policy” $10 million ransom decision to make.

Right now, to boost efficiency and achieve economies of scale, businesses want to automate as much as possible. In back office processes, approaches like Robotic Process Automation (RPA), for example, are now increasingly standard and are expected to be a $20bn-plus market by 2030. In parallel, enterprises are looking to ChatGPT and Generative AI to help them speed up everything from creating marketing brochures to drug discovery.

Budgetary and resource constraints play a huge role in cyberattacks on smaller organizations. Amidst a strained global economy, many under-resourced organizations like non-profits, local governments, and hospitals struggle to keep their heads above water - they simply don't have the funds to invest in cybersecurity.