BleepingComputer.com

"Palo Alto Networks warns of PAN-OS firewall zero-day used in attacks."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 12 April 2024, 1445 UTC.

Content and Source:  https://www.bleepingcomputer.com/BleepingComputer.com.

Please scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Palo Alto Networks warns of PAN-OS firewall zero-day used in attacks

  • Today, Palo Alto Networks warns that an unpatched critical command injection vulnerability in its PAN-OS firewall is being actively exploited in attacks.

  • Microsoft Office
     

Add Office to your Mac or Windows laptop for an extra 20% off

  • Get Microsoft Office Professional Plus 2019 for Windows and Microsoft Office Home & Business 2019 for $31.99.

    • BLEEPINGCOMPUTER DEALS
    •  
    • APRIL 12, 2024
    •  
    • 07:19 AM
    •  
    • Comment Count 0
  • CISA
     

CISA makes its "Malware Next-Gen" analysis system publicly available

  • The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a new version of "Malware Next-Gen," now allowing the public to submit malware samples for analysis by CISA.

  • OpenTable
     

OpenTable is adding your first name to previously anonymous reviews

  • Restaurant reservation platform OpenTable says that all reviews on the platform will no longer be fully anonymous starting May 22nd and will now show members' profile pictures and first names.

  • LastPass
     

LastPass: Hackers targeted employee in failed deepfake CEO call

  • LastPass revealed this week that threat actors targeted one of its employees in a voice phishing attack, using deepfake audio to impersonate Karim Toubba, the company's Chief Executive Officer.

  • Hoya
     

Optics giant Hoya hit with $10 million ransomware demand

  • A recent cyberattack on Hoya Corporation was conducted by the 'Hunters International' ransomware operation, which demanded a $10 million ransom for a file decryptor and not to release files stolen during the attack.

  • Raspberry Pi
     

Learn how IoT gear works with $220 off this Raspberry Pi training bundle

  • There's nothing like building your own equipment to your exact specifications. This 10-course open-source IoT bundle shows you how for $29.99, $220 off the $250 MSRP.

    • BLEEPINGCOMPUTER DEALS
    •  
    • APRIL 11, 2024
    •  
    • 02:07 PM
    •  
    • Comment Count 0
  • CISA
     

CISA orders agencies impacted by Microsoft hack to mitigate risks

  • CISA has issued a new emergency directive ordering U.S. federal agencies to address risks resulting from the breach of multiple Microsoft corporate email accounts by the Russian APT29 hacking group.

  • Server Warning
     

Intel and Lenovo servers impacted by 6-year-old BMC flaw

  • An almost 6-year-old vulnerability in the Lighttpd web server used in Baseboard Management Controllers has been overlooked by many device vendors, including Intel and Lenovo.

  • Sisense
     

CISA says Sisense hack impacts critical infrastructure orgs

  • The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is investigating the recent breach of data analytics company Sisense, an incident that also impacted critical infrastructure organizations.

  • Apple
     

Apple: Mercenary spyware attacks target iPhone users in 92 countries

  • Apple has been notifying iPhone users in 92 countries about a "mercenary spyware attack" attempting to remotely compromise their device.

  • How to automate up to 90% of IT offboarding tasks
     
    SPONSORED CONTENT

How to automate up to 90% of IT offboarding tasks

  • Employee offboarding isn't anybody's favorite task—but it's a critical IT process that needs to be executed diligently and efficiently. Learn more from Nudge Security on automating offboarding of users in a secure manner.

  • DuckDuckGo
     

DuckDuckGo launches a premium Privacy Pro VPN service

  • DuckDuckGo has launched a new paid-for 3-in-1 subscription service called 'Privacy Pro,' which includes a virtual private network (VPN), a personal data removal service, and an identity theft restoration solution.

  • AdGuard Home
     

Get a data privacy suite with an extra 20% off an AdGuard bundle

  • Malware, snoops, and badly coded software are everyone online. Keep them from compromising your machines with this three-year AdGuard subscription set for $23.99, $269 off the $293 MSRP with code ENJOY20 at checkout, now through 11:59 pm PST on April 16th.

    • BLEEPINGCOMPUTER DEALS
    •  
    • APRIL 11, 2024
    •  
    • 07:16 AM
    •  
    • Comment Count 0
  • Google Chrome
     

Chrome Enterprise gets Premium security but you have to pay for it

  • Google has announced a new version of its browser for organizations, Chrome Enterprise Premium, which comes with extended security controls for a monthly fee per user.

  • Google Workspace
     

Google Workspace rolls out multi-admin approval feature for risky changes

  • Google is rolling out a new Workspace feature that requires multiple admins to approve high-risk setting changes to prevent unauthorized or accidental modifications that could reduce security.

  • NIST
     

Train in IT risk management with $120 off a NIST training course

  • Knowledge of NIST risk management frameworks prepares you for any IT security approach, regardless of the vendors involved. This detailed IT risk management training course gets you up to speed for $39.99, $120 off the $160 MSRP.

    • BLEEPINGCOMPUTER DEALS
    •  
    • APRIL 10, 2024
    •  
    • 02:09 PM
    •  
    • Comment Count 0
  • Intel
     

New Spectre v2 attack impacts Linux systems on Intel CPUs

  • Researchers have demonstrated the "first native Spectre v2 exploit" for a new speculative execution side-channel flaw that impacts Linux systems running on many modern Intel processors.

  • Artificial Intelligence AI
     

Malicious PowerShell script pushing malware looks AI-written

  • A threat actor is using a PowerShell script that was likely created with the help of an artificial intelligence system such as OpenAI's ChatGPT, Google's Gemini, or Microsoft's CoPilot.

  • AT&T ATT
     

AT&T now says data breach impacted 51 million customers

  • AT&T is notifying 51 million former and current customers, warning them of a data breach that exposed their personal information on a hacking forum. However, the company has still not disclosed how the data was obtained.

VIEW MORE

Comments

Popular posts from this blog

SecurityWeek Briefing.

Cyber War Newswire

SecurityWeek Briefing.