Security
Headlines
HeadlinesLatestCVEs

Tag

#intel

Critical Apache Avro SDK Flaw Allows Remote Code Execution in Java Applications

A critical security flaw has been disclosed in the Apache Avro Java Software Development Kit (SDK) that, if successfully exploited, could allow the execution of arbitrary code on susceptible instances. The flaw, tracked as CVE-2024-47561, impacts all versions of the software prior to 1.11.4. "Schema parsing in the Java SDK of Apache Avro 1.11.3 and previous versions allows bad actors to execute

The Hacker News
#vulnerability#google#apache#java#intel#rce#The Hacker News
THN Cybersecurity Recap: Top Threats and Trends (Sep 30 - Oct 6)

Ever heard of a "pig butchering" scam? Or a DDoS attack so big it could melt your brain? This week's cybersecurity recap has it all – government showdowns, sneaky malware, and even a dash of app store shenanigans. Get the scoop before it's too late! ⚡ Threat of the Week Double Trouble: Evil Corp & LockBit Fall: A consortium of international law enforcement agencies took steps to arrest four

Stealthy Malware Has Infected Thousands of Linux Systems for Years

Perfctl malware is hard to detect, persists after reboots, and can perform a breadth of malicious activities.

Dutch Police Hacked, 63,000 Officers’ Details Exposed

A foreign government is believed to have hacked into the Dutch police force’s systems, exposing the contact details…

The FBI Still Hasn’t Cracked NYC Mayor Eric Adams’ Phone

Plus: Harvard students pack Meta’s smart glasses with privacy-invading face-recognition tech, Microsoft and the DOJ seize Russian hackers’ domains, and more.

ABB Cylon Aspect 3.07.02 Authenticated File Disclosure

ABB Cylon Aspect version 3.07.02 suffers from an authenticated arbitrary file disclosure vulnerability. Input passed through the file GET parameter through the downloadDb.php script is not properly verified before being used to download database files. This can be exploited to disclose the contents of arbitrary and sensitive files via directory traversal attacks.

MITRE Launches AI Incident Sharing Initiative

The collaboration with industry partners will improve collective AI defenses. Trusted contributors receive protected and anonymized data on real-world AI incidents.

Insider Threat Damage Balloons as Visibility Gaps Widen

A growing number of organizations are taking longer to get back on their feet after an attack, and they're paying high price tags to do so — up to $2M or more.

Microsoft, DOJ Dismantle Russian Hacker Group Star Blizzard

The successful disruption of notorious Russian hacker group Star Blizzard's operations arrives one month out from the US presidential election — one of the APT's prime targets.

DoJ, Microsoft Seize 100 Russian Phishing Sites Targeting US

DoJ and Microsoft seized over 100 sites used by Russian hackers for phishing campaigns targeting the U.S. The…