SAP has released a security patch package for August 2024, addressing 17 vulnerabilities, including a critical authentication bypass flaw (CVE-2024-41730) in the SAP BusinessObjects Business Intelligence Platform.
Nightfall AI’s research found that 35% of exposed API keys were still active, leading to significant security risks. The study uncovered an average of about 350 secrets, including passwords and API keys, exposed per 100 employees annually on GitHub.
Promoted through Telegram and other underground forums, DeathGrip RaaS offers aspiring threat actors on the dark web sophisticated ransomware tools, including LockBit 3.0 and Chaos builders.
Orion SA recently disclosed to US regulators that it fell victim to a criminal wire fraud scheme resulting in a $60 million loss. The incident, possibly a BEC scam, involved fraudulent wire transfers to unknown third-party accounts by an employee.
During a recent security audit by Laburity researchers, an application with a vulnerability related to pfblockerNG was identified. Attempts using default credentials failed, but an exploit from exploit-db was unsuccessful.
The Banshee Stealer can rob sensitive data, including passwords from macOS Keychain, system information, and data from popular web browsers like Safari, Chrome, and Firefox. It can also access cryptocurrency wallets and plugins.
A vulnerability in the Windows CLFS.sys driver, identified as CVE-2024-6768, allows an unprivileged user to crash the system, leading to a Blue Screen of Death. The flaw is due to improper input validation and affects Windows 10 and 11.
Monitoring evolving DDoS trends is essential for anticipating threats and adapting defensive strategies. The comprehensive Gcore Radar Report for the first half of 2024 provides detailed insights into DDoS attack data, showcasing changes in attack patterns and the broader landscape of cyber threats. Here, we share a selection of findings from the full report. Key […]