Tag: pro

Russian hackers with military links charged after critical infrastructure attacks

US intelligence services have charged a group of five Russian hackers linked to Unit 29155 of Russia’s Main Directorate of the General Staff of the Armed Forces (GRU), as well as one civilian hacker working for the Russian Government. This puts the Russian military intelligence agency at the center of…

Read More

Veeam patches multiple critical remote code execution flaws

Data backup and cloud data management company Veeam said it released multiple patches which fix more than a dozen flaws impacting different products. In a security advisory published earlier this week, Veeam said that it fixed a total of 18 bugs, five of which were deemed critical in severity. The…

Read More

Critical remote code execution vulnerability discovered in Microsoft Windows Wi-Fi drivers

A new critical cybersecurity threat has been discovered by CYFIRMA Research, involving a severe remote code execution (RCE) vulnerability identified as CVE-2024-30078. This flaw affects the Wi-Fi drivers in multiple versions of Microsoft Windows, posing a potential risk to over 1.6 billion active devices worldwide. The vulnerability could allow malicious…

Read More

It’s time to start intense scrutiny of SaaS apps as more organizations fall prey to exploits despite higher budgets

Software as a Service (SaaS) is a cloud-based software delivery model where apps are hosted by a service provider and made available to users over the Internet. With this model, apps are easy to adopt and use. However, a recent report from AppOmni reveals that one-third of companies surveyed reported…

Read More

Taiwan has accused Chinese firms of poaching their tech engineers

An investigation into Chinese chip making companies has determined that eight firms were allegedly in violation of Taiwanese law. This is the latest development in global ambitions to develop crucial technologies used in AI, phones, and cars. Amongst those accused is Naura Technology Group, one of the suppliers to China’s…

Read More

Critical server-side vulnerability in Microsoft Copilot Studio gives illegal access to internal infrastructure

A critical vulnerability has been discovered in Microsoft’s Copilot Studio, posing significant risks to sensitive internal data. This flaw, identified as a server-side request forgery (SSRF), allows unauthorized access to internal infrastructure, potentially impacting multiple tenants. The flaw identified by Tenable’s Research Team is attributed to improper handling of redirect…

Read More