This week in the security news: Malware-laced printer drivers, Unicode steganography, Rhode Island may sue Deloitte for breach. They may even win. Japan's active cyber defense law, Stop with the ping, LLMs replace Stack Overflow - ya don't say?, Aggravated identity theft is aggravating, Ivanti DSM and why you shouldn't use it, EDR is still playing ...
This week in the security news: Android catches up to iOS with its own lockdown mode, Just in case, there is a new CVE foundation, Branch privilege injection attacks, My screen is vulnerable, The return of embedded devices to take over the world - 15 years later, Attackers are going after MagicINFO, Hacking Starlink, Mitel SIP phones can be hacked,...
Sudo watch this show, Hallucinations, Kickidler, Powershool redux, Old Man Router, PSMU, Aaran Leyland, and More, on this edition of the Security Weekly News.
Ongoing attacks leveraging a pair of critical operating system command injection flaws impacting GeoVision Internet of Things devices, tracked as CVE-2024-6047 and CVE-2024-11120, have prompted their inclusion in the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog, with federal agencies urged to remediate the security flaws by May 28, according to Security Affairs.
Security news for this week: RDP and credentials that are not really revoked, and some RDP bitmap caching fun, Some magic info on MagicINFO, Vulnerability Management Zombies, There is a backdoor in your e-commerce, Airborne: vulnerabilities in AirPlay, Bring your own installer - crafty EDR bypass, The Signal clone used by US government officials: s...
Attacks aimed at the end-of-life GeoVision IoT devices involved an exploit using the operating system command injection bugs, tracked as CVE-2024-6047 and CVE-2024-11120.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
