Author: Admin

January 10, 2025Ravi LakshmananCyber ​​Security / Android Cybersecurity researchers have detailed the patched security flaw that affects Audio monkey (APE) decoder on Samsung smartphones, which can lead to code execution. A high severity vulnerability tracked as CVE-2024-49415 (CVSS score: 8.1), affects Samsung devices running Android versions 12, 13, and 14. “Out-of-bounds writing in libsaped.so before SMR Dec-2024 Release 1 allows remote attackers to execute arbitrary code,” Samsung said in a shortfall advisory published in December 2024. as part of monthly security updates. “Patch adds proper input validation.” Google Project Zero researcher Natalie Silvanovitch, who discovered and reported the flaw, described…

Network segmentation remains a critical security requirement, but organizations struggle with traditional approaches that require large hardware investments, complex policy management, and disruptive network changes. The healthcare and manufacturing sectors face particular challenges as they integrate a variety of endpoints into their production networks, from legacy medical devices to IoT sensors. These devices often lack robust security hardening, creating significant vulnerabilities that traditional segmentation solutions struggle to address. Elisity aims to address these challenges with an innovative approach that leverages existing network infrastructure while providing identity-based micro-segmentation at the network edge. Rather than requiring new hardware, agents, or complex network…

January 9, 2025Ravi LakshmananEndpoint Vulnerability / Security Palo Alto Networks has released software patches to address several security flaws in its Expedition migration tool, including a high-severity flaw that an authenticated attacker could use to gain access to sensitive data. “Several vulnerabilities in the Palo Alto Networks Expedition migration tool could allow an attacker to read the contents of the Expedition database and arbitrary files, and to create and delete arbitrary files on the Expedition system,” the company said in a statement. said in the advisory. “These files include information such as usernames, plaintext passwords, device configurations, and device API…

As SaaS vendors look to integrate AI into their product offerings to stay competitive and relevant, a new challenge has emerged in the AI world: shadow AI. Shadow AI refers to the unauthorized use of AI tools and co-pilots within organizations. Examples include a developer using ChatGPT to help write code, a salesperson downloading an AI-powered meeting transcription tool, or a customer service representative using agentic AI to automate tasks, all without going through the appropriate channels. When these tools are used without IT or security’s knowledge, they often lack security controls, putting company data at risk. Problems with the detection of…

January 9, 2025Ravi Lakshmanan Cybersecurity researchers have discovered a new, more stealthy version of the macOS-targeting malware called The Banshee Kidnapper. “Once thought to be broken after the source code was leaked in late 2024, this new iteration introduces advanced string encryption inspired by Apple’s XProtect”, Check Point Research said in a new analysis shared with The Hacker News. “This development bypasses antivirus systems, posing a significant risk to more than 100 million macOS users worldwide.” The cybersecurity firm said it discovered the new version in late September 2024, when the malware was distributed using phishing websites and fake GitHub…

January 9, 2025Hacker newsData Protection / Encryption Ransomware isn’t slowing down—it’s getting smarter. Encryption, designed to keep our online lives safe, is now being used by cybercriminals to hide malware, steal data and avoid detection.The result? A 10.3% spike in encrypted attacks over the past year and some of the most shocking ransom payments in history, including a $75 million ransom in 2024. Are you ready to fight back? Join us Emily Lauferdirector of product marketing at Zscaler, for an introductory session, “Preparing for ransomware and encrypted attacks in 2025”, filled with practical ideas and cutting-edge strategies to outsmart these…

January 9, 2025Ravi LakshmananCyber ​​Security / Malware Japan’s National Police Agency (NPA) and the National Cyber ​​Security Strategy and Incident Preparedness Center (NCSC) have accused a China-linked threat actor named MirrorFace of orchestrating an ongoing campaign of attacks against organizations, businesses and individuals in the country since 2019. The main goal of the attack campaign is to steal information related to Japan’s national security and advanced technology, the agency said. MirrorFace, also tracked as Earth Kasha, is believed to be a subset of APT10. It has a track record of systematically attacking Japanese organizations, often using tools such as ANEL,…

January 9, 2025Ravi LakshmananVulnerability / Threat Intelligence Threat actors attempt to take advantage of a newly discovered security flaw that affects GFI KerioControl firewalls that, if successfully exploited, could allow attackers to achieve remote code execution (RCE). The vulnerability under question CVE-2024-52875refers to a carriage return string transmission (CRLF) injection attack, paving the way for Splitting the HTTP responsewhich could lead to a cross-site scripting (XSS) flaw. Successful exploitation of the 1-click RCE flaw allows an attacker to inject malicious input into HTTP response headers by entering carriage return (\r) and line feed (\n) characters. The issue affects KerioControl versions…

January 9, 2025Ravi LakshmananData Privacy / GDPR The European General Court on Wednesday fined the European Commission, the European Union’s main executive body responsible for proposing and enforcing laws for member states, for breaching the bloc’s own data privacy rules. The event marked the first time the Commission had been prosecuted for breaching the region’s strict data protection laws. Court is determined that a “sufficiently serious breach” was committed by transmitting a German citizen’s personal data, including his IP address and web browser metadata, to a Meta server in the United States while visiting the now-defunct website futureu.europa(.)eu in March…

Ivanti warns that a critical security flaw affecting Ivanti Connect Secure, Policy Secure and ZTA Gateways has been actively exploited since mid-December 2024. The vulnerability in question is CVE-2025-0282 (CVSS score: 9.0), a stack-based buffer overflow affecting Ivanti Connect Secure before 22.7R2.5, Ivanti Policy Secure before 22.7R1.2, and Ivanti Neurons for ZTA Gateways before 22.7R2.3. “Successful exploitation of CVE-2025-0282 could lead to remote code execution without authentication,” Ivanti said in an advisory. “Threat actor activity was detected by the Integrity Check Tool (ICT) on the same day, allowing Ivanti to respond promptly and quickly develop a fix.” The company also fixed another high-severity…
