BleepingComputer.com

"Progress LoadMaster vulnerable to 10/10 severity RCE flaw."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 08 September 2024, 1458 UTC.

Content and Source:   https://www.bleepingcomputer.com/

Please check link or scroll down to read your selections. Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Latest Articles

Progress LoadMaster vulnerable to 10/10 severity RCE flaw

  • Progress Software has issued an emergency fix for a maximum (10/10) severity vulnerability impacting its LoadMaster and LoadMaster Multi-Tenant (MT) Hypervisor products that allows attackers to remotely execute commands on the device.

  • Cybersecurity ethical hacking penetration testing
     
    Deals

Get started learning about cybersecurity with this course bundle deal

  • Take a real step towards a job in information security with this intro to cybersecurity. Get the 2024 Cybersecurity Essentials Bundle for $39.99 (reg. $1,000). 

    • BleepingComputer Deals
      •  
    • September 08, 2024
      •  
    • 08:17 AM
      •  
    • Comment Count 0
  • Spouse Cheating
     
    Security

Sextortion scam now use your "cheating" spouse’s name as a lure

  • A new variant of the ongoing sextortion email scams is now targeting spouses, saying that their husband or wife is cheating on them, with links to the alleged proof.

  • Airgapped
     
    Security

New RAMBO attack steals data using RAM in air-gapped computers

  • A novel side-channel attack dubbed  "RAMBO" (Radiation of Air-gapped Memory Bus for Offense) generates electromagnetic radiation from a device's RAM to send data from air-gapped computers.

  • Visio
     
    Deals

Use Visio to simplify data without simplifying your visuals in this deal

  • Now available for just $19.97 with a lifetime license, Visio is your go-to solution for creating detailed network diagrams, mapping out security protocols, and visualizing complex data flows.

    • BleepingComputer Deals
      •  
    • September 07, 2024
      •  
    • 08:14 AM
      •  
    • Comment Count 0
  • Transport for London TfL
     
    Security

Transport for London staff faces systems disruptions after cyberattack

  • ​Transport for London, the city's public transportation agency, revealed today that its staff has limited access to systems and email due to measures implemented in response to a Sunday cyberattack.

  • AVIS
     
    Security

Car rental giant Avis discloses data breach impacting customers

  • American car rental giant Avis disclosed a data breach after attackers breached one of its business applications last month and stole customer personal information.

  • Microsoft Office
     
    Microsoft, Security

Microsoft Office 2024 to disable ActiveX controls by default

  • ​After Office 2024 launches in October, Microsoft will disable ActiveX controls by default in Word, Excel, PowerPoint, and Visio client apps.

  • Android
     
    Security, CryptoCurrency, Mobile

SpyAgent Android malware steals your crypto recovery phrases from images

  • A new Android malware named SpyAgent uses optical character recognition (OCR) technology to steal cryptocurrency wallet recovery phrases from screenshots stored on the mobile device.

  • SonicWall
     
    Security

SonicWall SSLVPN access control flaw is now exploited in attacks

  • SonicWall is warning that a recently fixed access control flaw tracked as CVE-2024-40766 in SonicOS is now "potentially" exploited in attacks, urging admins to apply patches as soon as possible.

  • Cybersecurity
     
    Deals

Prepare for a new job with this cybersecurity certification course deal

  • No need to hack and slash your budget to afford a cybersecurity education. Get the Ultimate Advanced Cybersecurity Professional Certification Bundle for $69.97.

    • BleepingComputer Deals
      •  
    • September 06, 2024
      •  
    • 07:08 AM
      •  
    • Comment Count 0
  • Apache
     
    Security

Apache fixes critical OFBiz remote code execution vulnerability

  • Apache has fixed a critical security vulnerability in its open-source OFBiz (Open For Business) software, which could allow attackers to execute arbitrary code on vulnerable Linux and Windows servers.

  • Microsoft
     
    Security, Artificial Intelligence, Technology

Microsoft removes revenge porn from Bing search using new tool

  • Microsoft announced today that it has partnered with StopNCII to proactively remove harmful intimate images and videos from Bing using digital hashes people create from their sensitive media.

  • Cybersecurity Lock World
     
    Deals

This ethical hacking course deal helps get you started in cybersecurity

  • A solid understanding of ethical hacking only enhances your technical skills, and this Premium Ethical Hacking Certification Bundle deal helps you on your way.

    • BleepingComputer Deals
      •  
    • September 05, 2024
      •  
    • 02:06 PM
      •  
    • Comment Count 0
  • Russia cyberspies
     
    Security

Russian military hackers linked to critical infrastructure attacks

  • The United States and its allies have linked a group of Russian hackers (tracked as Cadet Blizzard and Ember Bear) behind global critical infrastructure attacks to Unit 29155 of Russia's Main Directorate of the General Staff of the Armed Forces (also known as GRU).

  • WordPress
     
    Security

LiteSpeed Cache bug exposes 6 million WordPress sites to takeover attacks

  • Yet, another critical severity vulnerability has been discovered in LiteSpeed Cache, a caching plugin for speeding up user browsing in over 6 million WordPress sites.

  • Bots
     
    Security, Artificial Intelligence

Musician charged with $10M streaming royalties fraud using AI and bots

  • North Carolina musician Michael Smith was indicted for collecting over $10 million in royalty payments from Spotify, Amazon Music, Apple Music, and YouTube Music using AI-generated songs streamed by thousands of bots in a massive streaming fraud scheme.

  • Veeam
     
    Security

Veeam warns of critical RCE flaw in Backup & Replication software

  • Veeam has released security updates for several of its products as part of a single September 2024 security bulletin that addresses 18 high and critical severity flaws in Veeam Backup & Replication, Service Provider Console, and One.

  • Save on a refurbished Chromebook now marked down to $80
     
    Deals

Save on a refurbished Chromebook now marked down to $80

  • These are no-frill computers that can manage basic tasks and don't look out of place stuffed in a backpack, and this Chromebook 4 is the perfect example for the right price. It's also only $80. 

    • BleepingComputer Deals
      •  
    • September 05, 2024
      •  
    • 07:16 AM
      •  
    • Comment Count 0
  • OnlyFans
     
    Security

Hacker trap: Fake OnlyFans tool backstabs cybercriminals, steals passwords

  • Hackers are targeting other hackers with a fake OnlyFans tool that claims to help steal accounts but instead infects threat actors with the Lumma stealer information-stealing malware.

View More

Comments

Post a Comment

Please leave a comment about our recent post.

Popular posts from this blog

The Cyberwire Daily Briefing

Image
"Fortinet confirms breach of customer data." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 15 September 2024, 1339 UTC. Content and Source:   https://thecyberwire.com/newsletters/daily-briefing/13/176 Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). V13 | Issue 176 | 9.13.24 Daily Briefing for 09.13.24 Announcement Cloud Security in the Age of Generative AI. Artificial Intelligence is revolutionizing business, but it also introduces new risks. Join us on Wednesday, September 18th at 2pm EDT for a compelling live webinar on "Good vs. Evil: Cloud Security in the Age of Generative AI" with N2K CyberWire’s Dave Bittner and Sysdig’s Loris Degioanni.  Learn more and register now . Summary By the CyberWire staff At a glance. Fortinet confirms breach of customer data. Iran's Scarred Manticore deploys ne
Read more

SecurityWeek Briefing

Image
"New RAMBO attack allows air-gapped data theft." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 10 September 2024, 0035 UTC. Content and Source:  https://www.securityweek.com Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net).   Monday, September 9 , 2024 Are you worried about unmanaged devices and apps? LATEST CYBERSECURITY HEADLINES New RAMBO Attack Allows Air-Gapped Data Theft Predator Spyware Resurfaces With Fresh Infrastructure Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws 300,000 Impacted by Data Breach at Car Rental Firm Avis One Million US Kaspersky Customers Transferred to Pango’s UltraAV Two Indicted in US for Running Dark Web Marketplaces Offering Stolen Information Critical SonicWall Vulnerability Possibly Exploited in Ransomware Attacks CISA Breaks Silence on Controversial ‘Airp
Read more