Security News > 2024

The point-of-sale (PoS) terminals from PAX Technology are impacted by a collection of high-severity vulnerabilities that can be weaponized by threat actors to execute arbitrary code. The STM Cyber...

Wing Security announced today that it now offers free discovery and a paid tier for automated control over thousands of AI and AI-powered SaaS applications. This will allow companies to better...

"At least, that's true today, with today's programmers using today's AI assistants." "Overall, we find that participants who had access to an AI assistant based on OpenAI's codex-davinci-002 model wrote significantly less secure code than those without access."

The latest Windows Server 2022 patch has broken the Chrome browser, and short of uninstalling the update, a registry hack is the only way to restore service for affected users. KB5034129 is a security update for Windows Server 2022 and was released on January 9, 2024.

Kaspersky's researchers have developed a lightweight method to detect indicators of infection from sophisticated iOS spyware such as NSO Group's Pegasus, QuaDream's Reign, and Intellexa's Predator through analyzing a log file created on iOS devices. "The sysdiag dump analysis proves to be minimally intrusive and resource-light, relying on system-based artifacts to identify potential iPhone infections. Having received the infection indicator in this log and confirmed the infection using Mobile Verification Toolkit processing of other iOS artifacts, this log now becomes part of a holistic approach to investigating iOS malware infection," said Maher Yamout, Lead Security Researcher at Kaspersky's Global Research and Analysis Team.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warned that threat actors deploying the AndroxGh0st malware are creating a botnet for...

In the digital age, the battleground for security professionals is not only evolving, it's expanding at an alarming rate. The upcoming webinar, "The Art of Privilege Escalation - How Hackers...

Cybersecurity researchers have identified a "lightweight method" called iShutdown for reliably identifying signs of spyware on Apple iOS devices, including notorious threats like NSO...

In the new stable release of the Chrome browser, Google has fixed three security vulnerabilities affecting the V8 engine, including one zero-day with an existing exploit.V8 is an open-source JavaScript and WebAssembly engine developed by the Chromium Project for Chromium and Google Chrome web browsers.

Another week and yet another couple of pesky cold callers face fines from the UK's data privacy watchdog for "Bombarding" unsuspecting households with marketing messages about home improvements. Poxell, which specializes in energy saving products including double glazing and resin driveways, is being penalized to the tune of £150,000 by the Information Commissioner's Office for making 2.6 million marketing calls between March and July 2022, resulting in 413 complaints to the data regulator.