Tuesday , December 3 2024

International

CISA reveals 2 Industrial Control Systems Advisories

CISA

On October 1, 2024, CISA released two advisories regarding Industrial Control Systems (ICS), highlighting current security issues, vulnerabilities, and exploits in the field. ICSA-24-275-01 Optigo Networks ONS-S8 Spectra Aggregation Switch: Successful exploitation of these vulnerabilities could allow an attacker to achieve remote code execution, arbitrary file upload, or bypass authentication. …

Read More »

NIST unveils new password guidelines 2024: 11 rules to follow

nist

The National Institute of Standards and Technology (NIST) has issued new guidelines for password security, representing a major change from standard practices. These new recommendations, outlined in NIST Special Publication 800-63B, aim to enhance cybersecurity while improving user experience. NIST has changed its approach to password complexity. Instead of requiring …

Read More »

Meta fined $101 million for storing passwords in plaintext

photo

Meta was fined over $100 million by the EU privacy regulator on Friday due to a security issue with Facebook users’ passwords. The Irish Data Protection Commission fined the U.S. tech company 91 million euros ($101.6 million) after an investigation. The watchdog opened an investigation in 2019 after Meta reported …

Read More »

CISA Releases Guideline mitigating Active Directory compromise

cisa

To improve cybersecurity, the Cybersecurity and Infrastructure Security Agency (CISA) has partnered with international agencies to release a guide on detecting and addressing Active Directory compromises. This guidance, from the ASD, NSA, CCCS, NCSC-NZ, and NCSC-UK, informs organizations about common techniques used by cybercriminals to target Microsoft Active Directory. Active …

Read More »

India launches first Al-powered network solution for spam detection

mobile

India’s Bharti Airtel has launched India’s first AI-powered solution that detects spam calls and messages, alerting customers in real-time. The free service automatically activates for all users, detecting millions of spam messages daily to improve customer security. Airtel announces a free tool that will automatically alert customers in real-time about …

Read More »

Kaspersky Automatically Replaces With UltraAV, Raising Concerns

kaspersky

Kaspersky has formally begun pulling back its offerings in the U.S., migrating existing users to UltraAV, effective September 19, 2024, ahead of its formal exit at the end of the month. “Kaspersky antivirus customers received a software update facilitating the transition to UltraAV,” the company said in a post announcing …

Read More »

Dell to investigate data breach claim after hacker leaks info

Dell

Dell is investigating claims of a data breach after a threat actor leaked information on over 10,000 employees. “We are aware of the claims and our security team is currently investigating,” Dell told BleepingComputer. A hacker called “grep” claims that Dell suffered a “minor” data breach, stealing over 10,000 employee …

Read More »

Microsoft patch September 2024 fixes 4 zero-days, 79 flaws

Microsoft

Microsoft patched September 2024 Tuesday addressing 79 vulnerabilities, including four actively exploited zero-days which covers critical flaws in Windows Installer, MoTW, Publisher, and Windows Update. Those flaw are mentioned in September 2024 patch Tuesday are rated as critical, most of which were either remote code execution (RCE) or elevation of …

Read More »