Security
Headlines
HeadlinesLatestCVEs

Tag

#cisco

What NIST’s latest password standards mean, and why the old ones weren’t working

Rather than setting a regular cadence for changing passwords, users only need to change their passwords if there is evidence of a breach.

TALOS
#vulnerability#web#mac#windows#microsoft#linux#cisco#git#intel#rce#pdf#auth
Ghidra data type archive for Windows driver functions

Cisco Talos is releasing a GDT file on GitHub that contains various definitions for functions and data types.

CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Fortinet products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2024-23113 (CVSS score: 9.8), relates to cases of remote code execution that affects FortiOS, FortiPAM, FortiProxy, and FortiWeb. "A

Risk Strategies Drawn From the EU AI Act

The EU AI Act provides a governance, risk, and compliance (GRC) framework that helps organizations take a risk-based approach to using AI.

AI-Augmented Email Analysis Spots Latest Scams, Bad Content

Multimodal AI systems can help enterprise defenders weed out fraudulent emails, even if the system has not seen that type of message before.

69,000 Bitcoins Are Headed for the US Treasury—While the Agent Who Seized Them Is in Jail

The $4.4 billion in crypto is set to be the largest pile of criminal proceeds ever sold off by the US. The former IRS agent who seized the recording-breaking sum, meanwhile, languishes in a Nigerian jail cell.

Vulnerability in popular PDF reader could lead to arbitrary code execution; Multiple issues in GNOME project

Talos also discovered three vulnerabilities in Veertu’s Anka Build, a suite of software designed to test macOS or iOS applications in CI/CD environments.

Microsoft: Creative Abuse of Cloud Files Bolsters BEC Attacks

Since April, attackers have increased their use of Dropbox, OneDrive, and SharePoint to steal the credentials of business users and conduct further malicious activity.

Microsoft Issues Security Update Fixing 118 Flaws, Two Actively Exploited in the Wild

Microsoft has released security updates to fix a total of 118 vulnerabilities across its software portfolio, two of which have come under active exploitation in the wild. Of the 118 flaws, three are rated Critical, 113 are rated Important, and two are rated Moderate in severity. The Patch Tuesday update doesn't include the 25 additional flaws that the tech giant addressed in its Chromium-based