Sony confirms data breaches impacting thousands of Americans
Sony Interactive Entertainment has informed its current, former and family members of employees about an information security breach which exposed their personal data. About 6,800 people received the notification, which…
Continuous monitoring can enhance your security application program
In the past, cyber security models were largely reactive. The organizations would evaluate vulnerabilities on a regular basis, usually after a security breach or audit. This method has its benefits, but the…
Microsoft: Hackers target Azure cloud VMs via breached SQL servers
Hackers are attempting to compromise cloud environments by exploiting SQL Injection vulnerabilities in Microsoft SQL Servers. Microsoft’s security researchers have reported that the lateral movement attack technique was previously used…
BunnyLoader, a new malware-as a service threat with many features has been discovered
Researchers have discovered that a malware-as a service (MaaS), named BunnyLoader, is being advertised in multiple hacker communities as a loader without files which can replace and steal the contents…
Qualcomm claims hackers have exploited 3 zero-days within its DSP and GPU drivers
Hackers are exploiting three zero-day security vulnerabilities that Qualcomm has identified in its GPU drivers and Compute DSP Drivers. Google’s Threat Analysis Group and Project Zero told the American semiconductor…
ShellTorch vulnerabilities expose AI servers for code execution.
ShellTorch, a set of critical flaws in TorchServe’s open-source AI model serving tool that is used by tens and thousands of servers exposed to the internet (including some belonging to…
Android Security Update October fixes zero-day exploits in attacks
Google released October 2023 Android security updates, which address 54 vulnerabilities unique to Android. Two of these are known exploits. Google “indicated that these flaws may be subject to limited…
Google will bolster its phishing and malware defenses by 2024
Google is introducing new guidelines for bulk email senders in February, to strengthen security and protect against malware and phishing. These will require that they authenticate all emails sent and…
The ‘Looney Tunables Linux bug’ has been found to be a root cause on all major Linux distributions
The Linux vulnerability CVE-2023-491 is tracked by the CVE database as Looney Tunables. It allows local attackers gain root access through a buffer-overflow flaw in GNU C library’s dynamic loader ld.so. GNU C…
Sony confirms data breaches impacting thousands of Americans
Sony Interactive Entertainment has informed its current, former and family members of employees about an information security breach which exposed their personal data. About 6,800 people received the notification, which…