Sep 13, 2023THNKubernetes / Cloud Security Three interrelated high-severity security flaws discovered in Kubernetes could be exploited to achieve remote code execution with elevated privileges on Windows endpoints within a cluster. The issues, tracked as CVE-2023-3676, CVE-2023-3893, and CVE-2023-3955, carry CVSS scores of 8.8 and impact all Kubernetes environments with Windows nodes. Fixes for the […]
Cybercriminals appear to have deployed bots to break into customer accounts at several large automakers, then harvested important information about thousands of individual vehicles and offered it for sale in private Telegram channels, researchers said Tuesday. The evidence suggests the hackers used automated account takeover (ATO) techniques to “access to personal information as well as […]
CertifID, a startup developing fraud prevention tech for the real estate market, today announced that it raised $20 million in a funding round led by Arthur Ventures at “over double” its previous valuation. CertifID primarily develops products to fight wire fraud. The startup’s co-founder, Thomas Cronkright, launched the company in 2017 after losing $180,000 to […]
Sep 13, 2023THNVulnerability / Data Security More details have emerged about a set of now-patched cross-site scripting (XSS) flaws in the Microsoft Azure HDInsight open-source analytics service that could be weaponized by a threat actor to carry out malicious activities. “The identified vulnerabilities consisted of six stored XSS and two reflected XSS vulnerabilities, each of […]
Research by: Niv Asraf Abstract In the last two months, Check Point researchers encountered a new large-scale phishing campaign that recently targeted more than 40 prominent companies across multiple industries, in Colombia. The attackers’ objective was to discreetly install the notorious “Remcos” malware on victims’ computers. Remcos, a sophisticated “Swiss Army Knife” RAT, grants attackers […]
A CoinEx hot wallet transferred $27 million of various tokens to a wallet with no previous history in what the exchange’s team has referred to as “anomalous withdrawals.” Breaking news Join us on social networks On Sept. 12, crypto exchange CoinEx experienced abnormally large outflows to an address with no prior history, leading security experts […]
Microsoft addressed five critical security vulnerabilities in its September Patch Tuesday update, along with two “important”-rated zero-days under active attack in the wild. In total, Microsoft released 59 new patches addressing bugs across the product gamut: They affect Microsoft Windows, Exchange Server, Office, .NET and Visual Studio, Azure, Microsoft Dynamics, and Windows Defender. The update […]
In the past several months, rampant excitement about the potential benefits of generative AI technology has increased the technology’s priority status across enterprise organizations worldwide. According to a recent research report from TechTarget’s Enterprise Strategy Group, “Beyond the GenAI Hype: Real-world Investments, Use Cases, and Concerns,” 42% of organizations said they are in a generative […]
Sep 13, 2023The Hacker NewsThreat Detection / SaaS Security In today’s digital age, SaaS applications have become the backbone of modern businesses. They streamline operations, enhance productivity, and foster innovation. But with great power comes great responsibility. As organizations integrate more SaaS applications into their workflows, they inadvertently open the door to a new era […]