Fortinet on Wednesday announced the acquisition of Israeli security company Perception Point. Perception Point provides solutions for securing email, collaboration platforms, web browsers, and cloud storage applications, which enable Fortinet to expand and enhance its offering.  Fortinet said it acquired Perception Point for features such as advanced threat detection, browser security, image and file scanning, […]

The speed at which Artificial Intelligence (AI) continues to expand is unprecedented, particularly since GenAI catapulted into the market in 2022. Today AI works at a much faster pace than human output, which is what makes this technology so appealing to leaders who are focused on streamlining operations, productivity gains and cost efficiencies. But for […]

For years, Chinese law enforcement has been using a lawful surveillance tool to collect extensive data from Android devices, cybersecurity firm Lookout reports. Dubbed EagleMsgSpy and created by a Chinese software development company, the tool has been in use since at least 2017, and has only been deployed through physical access to the victims’ devices. […]

Non-human identity management firm Oasis Security has disclosed the details of an attack that allowed its researchers to bypass Microsoft’s multi-factor authentication (MFA) implementation. The attack method, dubbed AuthQuake, was reported to Microsoft in late June and a temporary fix was rolled out a few days later. The tech giant released a permanent fix in […]

An international law enforcement operation targeting distributed denial-of-service (DDoS) services has led to the takedown of 27 websites and the arrest of three suspects. Referred to as booter or stresser services, these platforms allowed miscreants to launch DDoS attacks against websites and other web-based services to render them unusable. On Wednesday, Europol announced the takedown […]

Enterprise software maker Cleo on Wednesday released updates for several file transfer tools to patch an actively exploited vulnerability. In the meantime, security firms are conducting an analysis of the flaw, as well as the malware delivered by threat actors in the observed attacks. An improperly patched vulnerability affecting Cleo’s Harmony, VLTrader, and LexiCom file […]

Threat actors have been exploiting two vulnerabilities in the Hunk Companion and WP Query Console WordPress plugins to gain persistent backdoor access to vulnerable websites, WPScan reports. Hunk Companion, a website development plugin designed to boost the functionality of ThemeHunk WordPress themes, is vulnerable to a missing capability check that allows attackers to install and […]

It’s Patch Wednesday in Cupertino. Apple’s security response team pushed out major security updates to fix security flaws across the iOS and macOS ecosystems, warning of risks of data leakage, sandbox escapes and code execution attacks. The company called immediate attention to its iOS 18.2 and macOS Sequoia 15.2 patches, warning of flaws in the […]

Donut and coffee retail chain Krispy Kreme on Wednesday confirmed a cyberattack led to operational disruptions of operations, including its online ordering system. The North Carolina company posted a message on its website referencing a “cybersecurity incident” but did not share any additional details. The incident has all the hallmarks of a data-extortion ransomware attack […]

Academic researchers have devised a new attack that relies on cheap equipment to provide false information to the system processor during startup and break AMD’s latest trusted execution environment guarantees. Called BadRAM, the new attack uses $10 off-the-shelf equipment to break AMD SEV-SNP (Secure Encrypted Virtualization-Secure Nested Paging), cutting-edge memory integrity protections that rely on […]