TechCrunch reports that popular phone tracking app iSharing had the exact location details of its more than 35 million users exposed due to vulnerabilities that prevented the app's servers from conducting proper checks of user data access.
Moldovan botnet operator Alexander Lefterov, also known as Alipatime, Alipako, and Uptime, has been indicted by the U.S. Department of Justice for his involvement in widespread attacks against U.S.-based computers, BleepingComputer reports.
SecurityWeek reports that Siemens has confirmed that its Ruggedcom APE1808 devices configured with a Palo Alto Networks virtual next-generation firewall may be impacted by the actively exploited Palo Alto Networks firewall vulnerability, tracked as CVE-2024-3400.
Vulnerable CrushFTP file transfer server software instances impacted by a critical virtual file system escape zero-day have been subjected to ongoing targeted attacks that could enable the download of system files, Security Affairs reports.
BleepingComputer reports that ongoing attacks exploiting the critical Palo Alto Networks PAN-OS command injection flaw, tracked as CVE-2024-3400, could still compromise nearly 22,500 Palo Alto GlobalProtect firewall instances around the world despite the availability of patches.
BlackBerry researchers disclosed that a major U.S.-based multinational automaker had been targeted by the FIN7 hacking group in a spear-phishing attack late last year that sought to facilitate systems compromise with the Anunak malware, BleepingComputer reports.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.