Three of the vulnerabilities could allow an attacker to send malicious data, intercept credentials sent in clear text, and potentially compromise the entire Fibre Channel infrastructure.
Researchers discovered a sophisticated phishing campaign that is using compromised email accounts and Autodesk’s file sharing platform to steal Microsoft login credentials from victims.
The round was led by existing investor General Atlantic, with participation from other major investors StepStone Group and the D. E. Shaw group. The company intends to use the funds to drive product innovation and accelerate its global expansion.
Researchers have sinkholed a command and control server for a variant of the PlugX malware and observed in six months more than 2.5 million connections from unique IP addresses.
A critical severity flaw (CVE-2024-27956) in the WP-Automatic plugin for WordPress allows threat actors to gain unauthorized access to WordPress sites, create admin-level user accounts, and potentially take full control of the affected sites.
Threat actors utilize fraudulent websites hosted on popular legitimate platforms to spread malware and steal data. To evade detection, attackers employ obfuscation methods and checks on referral URLs.
The FTC is sending $5.6 million in refunds to Ring users whose private video feeds were accessed without consent by Amazon employees and contractors, or had their accounts and devices hacked because of insufficient security protections.
The research identified deficiencies in various PMP components that could be exploited to gain access to plaintext content keys guarded by PlayReady DRM in Windows 10/11 environments.
The hackers, identified as UAT4356 by Cisco Talos and STORM-1849 by Microsoft, began infiltrating vulnerable edge devices in early November 2023 in a cyber-espionage campaign tracked as ArcaneDoor.
Most businesses are concerned about AI-enabled cyber-threats, with 93% of security leaders expecting to face daily AI-driven attacks by the end of 2024, according to a new report by Netacea.