Aggregator

Как схема заработка Pay-Per-Click превращается в Click-To-Hack.

No, But It Will Shift Their Focus to More Strategic and Creative Roles
Artificial intelligence is reshaping cybersecurity workflows, automating tasks and enhancing efficiency. But does that mean security professionals are at risk of being replaced? Not quite. AI is redefining roles, rather than eliminating them, to focus more on strategic thinking and problem-solving.

Legacy apps and medical devices continue to pose persistent and considerable risk to healthcare IT environments, and many organizations are still unaware of their prevalence in their settings, said Keith Fricke, partner and principal consultant at tw-Security, who discusses mitigation steps to take.

State privacy laws, such as Washington State's My Health My Data Act, could throw a curve ball in the use of certain consumer information for artificial intelligence and machine learning endeavors, said regulatory attorney Adam Greene of the law firm Davis Wright Tremaine.

Also: BianLian Ransomware Hackers Aren't Really Mailing You
This week, the U.S. sanctioned the Nemesis admin, Poco RAT spotted in Latin America, Apple challenged a British order to weaken encryption and the FBI warned against scam letters purportedly from BianLian. Also, a Nigerian tax scammer extradited to the U.S., a new botnet and a Webex vulnerability.

Trump's Former Cybersecurity Coordinator Says DOGE Firings Threaten Cybersecurity
Mass firings of federal probationary civil servants instigated by the Department of Government Efficiency will "destroy a pipeline of top talent," said Rob Joyce, a long-time National Security Agency official.

Armis' Purchase of Otorio Enhances On-Prem Security, Active Querying and Compliance
Armis' acquisition of Otorio for $120 million strengthens its on-premises operational technology security capabilities. The deal expands Armis' ability to serve air-gapped and compliance-driven industries while integrating secure remote access and active querying into its security platform.

Probe Into Microsoft's $13 Billion OpenAI Investment Launched in 2023
The U.K. antitrust regulator won't open an investigation into a partnership between computing giant Microsoft and artificial intelligence company OpenAI. U.K. Competition Market Authority concludes that there is no "relevant merger situation."

Hitachi Energyが提供する複数の製品には、複数の脆弱性が存在します。

A vulnerability, which was classified as critical, was found in libxlsv 1.6.2. Affected is the function transcode_latin1_to_utf8 of the file xlstool.c of the component XLS File Handler. The manipulation leads to buffer overflow. This vulnerability is traded as CVE-2023-38854. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in NICMx Fort up to 1.6.4. This affects an unknown part of the component Manifest Handler. The manipulation of the argument manifestNumber/thisUpdate leads to incorrect comparison. This vulnerability is uniquely identified as CVE-2024-56170. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in stb_image and classified as problematic. This vulnerability affects the function stbi__gif_load_next of the component Image Handler. The manipulation leads to out-of-bounds read. This vulnerability was named CVE-2023-45661. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in rbenv. Affected by this issue is some unknown functionality. The manipulation leads to path traversal. This vulnerability is handled as CVE-2017-1000047. The attack may be launched remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in GnuPG up to 2.2.17. This affects an unknown part of the component SHA1 Handler. The manipulation as part of Certificate leads to risky cryptographic algorithm. This vulnerability is uniquely identified as CVE-2019-14855. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in MongoDB C Driver, PHP Driver, Swift Driver, Node.js Driver and C++ Driver. It has been classified as problematic. Affected is an unknown function. The manipulation leads to information disclosure. This vulnerability is traded as CVE-2021-32050. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Red Hat Ansible up to 2.x/3.5. It has been rated as problematic. This issue affects some unknown processing of the component Log Handler. The manipulation leads to sensitive information in log files (Credentials). The identification of this vulnerability is CVE-2019-14846. Attacking locally is a requirement. There is no exploit available.

A vulnerability was found in Red Hat Ansible Engine up to 2.7.15/2.8.7/2.9.2 and classified as critical. This issue affects some unknown processing of the component solaris_zone. The manipulation leads to os command injection. The identification of this vulnerability is CVE-2019-14904. Local access is required to approach this attack. There is no exploit available.

A vulnerability was found in Red Hat Ansible Engine up to 2.9.5. It has been classified as problematic. This affects an unknown part of the component Template Caching. The manipulation leads to insufficiently random values. This vulnerability is uniquely identified as CVE-2020-10729. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox up to 135. It has been rated as problematic. Affected by this issue is the function String.toUpperCase. The manipulation leads to uninitialized pointer. This vulnerability is handled as CVE-2025-1942. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

Threat actors of unknown provenance have been attributed to a malicious campaign predominantly targeting organizations in Japan since January 2025. "The attacker has exploited the vulnerability CVE-2024-4577, a remote code execution (RCE) flaw in the PHP-CGI implementation of PHP on Windows, to gain initial access to victim machines," Cisco Talos researcher Chetan Raghuprasad said in a technical