Security researchers have found a critical vulnerability, CVE-2024-38021, impacting Microsoft Outlook. This zero-click remote code execution flaw, now fixed by Microsoft, allowed unauthorized access without authentication.
Warnings have been issued in India regarding a rise in fraudulent smishing attacks, with scammers impersonating India Post to deceive people into giving personal information or clicking on malicious links.
Campaigns distributing DarkGate malware use various methods like email attachments and malicious ads. A campaign in March-April 2024 used Samba file shares hosting malicious files for DarkGate infections.
A recent Next DLP poll revealed that 73% of cybersecurity professionals used unauthorized apps, including AI, last year. Top concerns were data loss, lack of control, and breaches, with 10% admitting to a breach due to these tools.
The Department of Justice investigated around 1,000 accounts on social media platform X, previously Twitter, which were used by the Kremlin to spread pro-Moscow propaganda created by the AI-driven Meliorator software.
Phishing messages impersonating the Regional Transport Office have been circulating since 2024, claiming traffic violations and prompting users to download a malicious APK named “VAHAN PARIVAHAN.apk”.
Research shows that 75% of CISOs are considering a job change due to various challenges and pressures. CISOs often face accountability for cyber incidents and compliance failures, leading to discontent.
QuoIntelligence discovered the operation called Ticket Heist, with convincing websites selling fake Olympic tickets. The prices on these websites are much higher than the official ones.
The vulnerabilities added include CVE-2024-23692 affecting Rejetto HTTP File Server, CVE-2024-38080 impacting Windows Hyper-V, and CVE-2024-38112 targeting Windows MSHTML Platform.
The Senate Armed Services Committee presented the NDAA for fiscal year 2025, totaling $923.3 billion for defense funding. This includes $878.4 billion for the Pentagon and $33.4 billion for national security programs under the Department of Energy.