SecurityWeek1d
Palo Alto Networks Confirms New Firewall Zero-Day Exploitation
Palo Alto Networks confirmed that a zero-day is being exploited in attacks after investigating claims of a firewall remote ...
SecurityWeek1d
CISA Warns of Two More Palo Alto Expedition Flaws Exploited in Attacks
CISA has added two more Palo Alto Networks Expedition flaws, CVE-2024-9463 and CVE-2024-9465, to its KEV catalog.
SecurityWeek1d
In Other News: TSA Wants New Cyber Rules, Scam Call Detection in Android, SIM Swappers Arrested
TSA proposes new cyber rules for pipelines and railroads, Google adds scam call detection to Android, SIM swappers arrested ...
SecurityWeek1d
SurePath AI Raises $5.2 Million for Gen-AI Governance Solution
SurePath AI has raised $5.2 million in seed funding for a solution that helps enterprises securely use generative AI.
SecurityWeek1d
Critical Plugin Flaw Exposed 4 Million WordPress Websites to Takeover
Over 4 million WordPress websites were impacted by a critical Really Simple Security vulnerability providing full ...
SecurityWeek2d
CISA, FBI Confirm China Hacked Telecoms Providers for Spying
CISA and the FBI have confirmed that Chinese hackers compromised the networks of telecommunications companies to spy on ...
SecurityWeek2d
Idaho Man Sentenced to 10 Years in Prison for Hacking, Data Theft, Extortion
Robert Purbeck was sentenced to 10 years in prison for stealing the personal information of over 132,000 people.
SecurityWeek2d
Two Men Charged For Hacking US Tax Preparation Firms
Two Nigerian nationals, one in Mexico and one in North Dakota, charged for hacking into the systems of US tax preparation ...
SecurityWeek2d
Windows Zero-Day Exploited by Russia Triggered With File Drag-and-Drop, Delete Actions
Exploit for a Windows zero-day vulnerability (CVE-2024-43451) is executed by deleting files, drag-and-dropping them, or right ...
SecurityWeek2d
NIST Explains Why It Failed to Clear CVE Backlog
NIST says all known exploited CVEs have been addressed, but admitted that clearing the entire NVD backlog by October was ...
SecurityWeek2d
Unpatched Flaw in Legacy D-Link NAS Devices Exploited Days After Disclosure
Exploitation attempts targeting CVE-2024-10914, a recently disclosed ‘won’t fix’ vulnerability affecting outdated D-Link NAS ...
SecurityWeek8d
US Gov Agency Urges Employees to Limit Phone Use After China ‘Salt Typhoon’ Hack
The US government's CFPB sent an email with a simple directive: “Do NOT conduct CFPB work using mobile voice calls or text ...