"SAP patches critical vulnerability in NetWeaver."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 10 December 2024, 1418 UTC.

Content and Source:  Email subscription via https://feedly.com.   https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Ffeeds.feedburner.com%2FSecurityweek

Please check link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

SecurityWeek

82K followers40 articles per week#security#tech

15

Today

SAP Patches Critical Vulnerability in NetWeaver

by Ionut Arghire / 22min

SAP has released patches for 16 vulnerabilities, including a critical-severity SSRF bug in NetWeaver (Adobe Document Services). The post appeared first on SecurityWeek .

Microsoft Bets $10,000 on Prompt Injection Protections of LLM Email Client

Microsoft offers $10K for AI hackers

•

by Ionut Arghire / 51min

Microsoft offers $10,000 in rewards to researchers who can manipulate a realistic simulated LLM-integrated email client. The post appeared first on SecurityWeek .

Webinar Today: Inside a Hacker’s Playbook – How Cybercriminals Use Deepfakes

by SecurityWeek News / 59min

Join the live, eye-opening session that pulls back the curtain on how bad actors exploit social engineering tactics, like deepfake technology and Business Email Compromise (BEC). The post appeared first on SecurityWeek .

Astrix Security Banks $45M Series B to Secure Non-Human Identities

by Ryan Naraine / 1h

Tel Aviv company building software to secure non-human identities banks a $45 million funding round led by Menlo Ventures. The post appeared first on SecurityWeek .

Cisco Says Flaws in Industrial Routers, BGP Tool Remain Unpatched 8 Months After Disclosure

2 TTPs

•

by Eduard Kovacs / 1h

Cisco Talos has disclosed the details of apparently unpatched vulnerabilities in MC Technologies industrial routers and the GoCast BGP tool. The post appeared first on SecurityWeek .

Microsoft Rolls Out Default NTLM Relay Attack Mitigations

Adversary-in-the-Middle (Enterprise T1557)

•

by Ionut Arghire / 2h

Microsoft has rolled out new default security protections that mitigate NTLM relaying attacks across on-premises Exchange, AD CS, and LDAP services. The post appeared first on SecurityWeek .

$50 Million Radiant Capital Heist Blamed on North Korean Hackers

Radiant Capital suffers $50M cyberattack

•

by Ionut Arghire / 4h

Radiant Capital says a North Korean threat actor stole $50 million in assets in a sophisticated October attack. The post appeared first on SecurityWeek .

Yesterday

Critical OpenWrt Flaw Exposes Firmware Update Server to Exploitation

Process Injection (Enterprise T1055)

•

by Ryan Naraine / 19h

The CVE-2024-54143 vulnerability affects the OpenWrt sysupgrade server and exposes users to risks of installing malicious firmware images. The post appeared first on SecurityWeek .

Medical Device Maker Artivion Scrambling to Restore Systems After Ransomware Attack

Cybersecurity incidents reported by companies

•

by Ionut Arghire / 1d

Medical devices manufacturer Artivion says a ransomware attack caused disruptions to order and shipping processes. The post appeared first on SecurityWeek .

QNAP Patches Vulnerabilities Exploited at Pwn2Own

2 TTPs

•

by Ionut Arghire / 1d

QNAP has released patches for multiple high-severity QTS and QuTS Hero vulnerabilities disclosed at the Pwn2Own Ireland 2024 hacking contest. The post appeared first on SecurityWeek .

Blue Yonder Probing Data Theft Claims After Ransomware Gang Takes Credit for Attack

3 TTPs

•

by Eduard Kovacs / 1d

•

Blue Yonder suffers ransomware attack

The Blue Yonder ransomware attack that caused disruptions to Starbucks and major grocery stores may have also involved information theft. The post appeared first on SecurityWeek .

Deloitte Responds After Ransomware Group Claims Data Theft

4 TTPs

•

by Eduard Kovacs / 1d

•

Deloitte UK suffers Brain Cipher breach

Deloitte has issued a response after the Brain Cipher ransomware group claimed to have stolen over 1 Tb of information belonging to the company. The post appeared first on SecurityWeek .

Eight Suspected Phishers Arrested in Belgium, Netherlands

International operation against phone phishing

•

by Ionut Arghire / 1d

Belgian and Dutch authorities arrested eight individuals for their alleged involvement in phishing, online scams, and money laundering operations. The post appeared first on SecurityWeek .

Anna Jaques Hospital Data Breach Impacts 316,000 People

Anna Jaques Hospital data breach

•

by Ionut Arghire / 1d

Anna Jaques Hospital says the personal information of over 316,000 individuals was compromised in a year-old data breach. The post appeared first on SecurityWeek .

The EU Makes an Urgent TikTok Inquiry on Russia’s Role in Romanian Election Turmoil

EU orders TikTok to preserve election data

•

by Associated Press / 1d

EU sent TikTok an urgent request for more information about Romanian intelligence files suggesting that Russia coordinated influencers to promote a candidate who became the surprise front-runner in presidential election. The post appeared first on SecurityWeek .

End of feed