Nearly two million people in the UK may have had their identity stolen and used by fraudsters to open a financial account in 2023, according to FICO’s new Fraud, Identity and Digital Banking Report.
The maintainers of ‘shim’ released version 15.8 to address six vulnerabilities, with the most critical one (CVE-2023-40547) potentially leading to remote code execution and Secure Boot bypass.
The GAO urged the White House to establish performance measures for federal cybersecurity initiatives, but the ONCD pushed back, citing the difficulty of developing outcome-oriented measures and estimating implementation costs.
Canon has patched critical buffer-overflow bugs in its printers that could allow attackers to remotely perform denial of service or execute arbitrary code, emphasizing the importance of promptly updating firmware.
Crypto agility, including the ability to rapidly switch between certificate authorities and encryption standards, is essential for securing digital infrastructure in today’s automated operational environment.
The framework has successfully identified vulnerabilities in C/C++ projects, including two in cJSON and libplist, which might have remained undiscovered without the use of large language models.
New Vulnerabilities in Azure HDInsight Could Have Led to Privilege Escalations and Denial of Service
These vulnerabilities could have allowed attackers to gain cluster administrator privileges, disrupt operations, and negatively impact the availability and reliability of the affected systems.
Companies are bracing for a significant increase in cyber threats in 2024, with 96% of respondents expecting the threat of cyberattacks to their industry to rise, and 71% predicting an increase of more than 50%, according to Cohesity.
Verizon Communications has reported an insider data breach affecting nearly half of its workforce, exposing sensitive employee information such as names, addresses, Social Security numbers, and compensation details.
Chinese state-sponsored hackers breached the internal computer network of the Dutch Ministry of Defence using a vulnerability in FortiGate devices. The breach was for espionage purposes, and the malware was found in a compartmentalized network.