Meta Platforms revealed an Iranian hacker group targeting global political figures on WhatsApp. The Iranian state-sponsored threat actor APT42 used WhatsApp accounts to target individuals in Israel, Palestine, Iran, the U.K., and the U.S.
The C-suite’s lack of engagement in cybersecurity poses a significant risk despite the growing threat landscape. Organizations need to prioritize cyber-risk management to prevent financial losses and damage to their reputation.
The vulnerability, CVE-2024-39717, allows administrators to upload a malicious file disguised as a PNG image through the “Change Favicon” feature in Versa Director’s GUI.
As per GetApp’s 2024 Executive Cybersecurity Report, 72% of cybersecurity professionals in the US have reported attacks on senior executives in the past 18 months, with AI-generated deepfakes playing a role in 27% of these incidents.
SolarWinds has fixed another critical bug in Web Help Desk, known as CVE-2024-28987. This flaw involves hardcoded credentials that can be exploited by remote unauthenticated users to access internal functions and alter data.
Equiniti Trust Company, a financial services company, has been fined $850,000 by the Securities and Exchange Commission for failing to protect customer assets in two separate cyberattacks that resulted in the theft of over $6.6 million.
Gartner’s 2024 Hype Cycle for Emerging Technologies highlights autonomous AI, developer productivity, total experience, and human-centric security and privacy programs as the key technology trends to look out for.
Two security vulnerabilities have been disclosed in the open-source Traccar GPS tracking system that could be potentially exploited by unauthenticated attackers to achieve remote code execution under certain circumstances. Both the vulnerabilities are path traversal flaws and could be weaponized if guest registration is enabled, which is the default configuration for Traccar 5, Horizon3.ai
Cybercriminals are continuously evolving their tactics, emphasizing the need for organizations to have continuous monitoring to detect suspicious activities, according to a report by Malwarebytes.