Sunday, September 8, 2024

InfoSec News Feeds

Packetstorm

THN

PortSwigger

Security Affaris

  • U.S. CISA adds Draytek VigorConnect and Kingsoft...
    by Pierluigi Paganini on 7 September 2024 at 5:19 PM

    U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Draytek VigorConnect and Kingsoft WPS Office bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Draytek VigorConnect and Kingsoft WPS Office vulnerabilities to […]

  • A flaw in WordPress LiteSpeed Cache Plugin allows...
    by Pierluigi Paganini on 7 September 2024 at 12:13 PM

    A critical flaw in the LiteSpeed Cache plugin for WordPress could allow unauthenticated users to take control of arbitrary accounts. The LiteSpeed Cache plugin is a popular caching plugin for WordPress that accounts for over 5 million active installations. The plugin offers site acceleration […]

  • Car rental company Avis discloses a data breach
    by Pierluigi Paganini on 6 September 2024 at 10:48 PM

    Car rental giant Avis disclosed a data breach that impacted one of its business applications in August compromising customers’ personal information. Car rental company Avis notified customers impacted in an Augus data breach. Threat actors breached one of its business applications and gained […]

HackerOne

WeLiveSecurity

  • Bitcoin ATM scams skyrocket – Week in security...
    on 6 September 2024 at 11:25 AM

    The schemes disproportionately victimize senior citizens, as those aged 60 or over were more than three times as likely as younger adults to fall prey to the scams

  • ESET Research Podcast: HotPage
    on 5 September 2024 at 10:26 AM

    ESET researchers discuss HotPage, a recently discovered adware armed with a highest-privilege, yet vulnerable, Microsoft-signed driver

  • The key considerations for cyber insurance: A...
    on 4 September 2024 at 10:00 AM

    Would a more robust cybersecurity posture impact premium costs? Does the policy offer legal cover? These are some of the questions organizations should consider when reviewing their cyber insurance options

TheRegister

  • Despite cyberattacks, water security standards...
    by Jessica Lyons on 7 September 2024 at 1:33 PM

    White House floats round two of regulations Feature  It sounds like the start of a bad joke: Digital trespassers from China, Russia, and Iran break into US water systems.…

  • Uncle Sam charges Russian GRU cyber-spies behind...
    by Jessica Lyons on 5 September 2024 at 8:44 PM

    Feds post $10M bounty for each of the six's whereabouts The US today charged five Russian military intelligence officers and one civilian for their alleged involvement with the data-wiping WhisperGate campaign conducted against Ukraine in January 2022 before the ground invasion began.…

  • The fingerpointing starts as cyber incident at...
    by Richard Speed on 5 September 2024 at 11:00 AM

    Network admins take a ride on the Fright Bus The Transport for London (TfL) "cyber incident" is heading into its third day amid claims that a popular appliance might have been the gateway for criminals to gain access to the organization's network.…

Security Week

  • US Gov Removing Four-Year-Degree Requirements for...
    by SecurityWeek News on 6 September 2024 at 5:44 PM

    The US government will remove "unnecessary degree requirements" in favor of skills-based hiring to help fill 500,000 open cybersecurity jobs. The post US Gov Removing Four-Year-Degree Requirements for Cyber Jobs appeared first on SecurityWeek.

  • Recent SonicWall Firewall Vulnerability...
    by Eduard Kovacs on 6 September 2024 at 2:10 PM

    SonicWall is warning customers that the recently patched critical vulnerability CVE-2024-40766 may be exploited in the wild. The post Recent SonicWall Firewall Vulnerability Potentially Exploited in the Wild appeared first on SecurityWeek.

  • In Other News: US Army Hacks Buildings, X Hiring...
    by SecurityWeek News on 6 September 2024 at 1:47 PM

    Noteworthy stories that might have slipped under the radar: US Special Forces can hack buildings, X is hiring cybersecurity staff, and FTC warns of Bitcoin ATM scams.  The post In Other News: US Army Hacks Buildings, X Hiring Cybersecurity Staff, Bitcoin ATM Scams appeared first on SecurityWeek.

Exploit-DB Updates