top of page
world-map_edited.jpg

Latest Cybersecurity News

20 December 2024 at 4:15:37 pm

Did you know Apple issues spyware threat alerts to high-risk users?

Aleksandar Anastasov

Apple’s silent threat notifications are helping high-risk users protect themselves from mercenary spyware attacks like Pegasus. These alerts, combined with features like Lockdown Mode, are redefining cybersecurity for vulnerable individuals.
20 December 2024 at 6:12:07 pm

The US Consumer Financial Protection Bureau sues Zelle and four of its partner banks

feedfeeder

On Friday, the Consumer Financial Protection Bureau (CFPB) sued four financial companies involved with Zelle. The CFPB’s lawsuit (via CNBC) accuses Zelle’s operator (Early Warning Services) and three of the service’s partner banks — JPMorgan Chase, Bank Of Am…
20 December 2024 at 6:00:37 pm

Perfect Work-From-Home Structure: A Manager's Guide For 2025

Nidhi Dubey

Discover the ultimate guide to building a perfect work-from-home structure for 2025. Learn how managers can leverage technology, foster collaboration, and ensure employee well-being while leading successful remote teams. This post was first published on eLear…
20 December 2024 at 5:35:57 pm

YouTubers are reportedly losing their channels due to crypto scammers and one got his back, only to have it terminated once again for a 'trademark' claim

James Bentley

A severe emotional whiplash.
20 December 2024 at 6:04:40 pm

Databricks raises a cool $10B as the boom in AI models rages on

Robert Hof

The bottomless pit of funding for all things artificial intelligence remains… bottomless. Case in point: This week Databricks raised more money than God. That’s going to be one monster IPO next year (maybe) if the economy holds up. Meanwhile, Perplexity raise…
20 December 2024 at 4:14:56 pm

Ambient Listening on the Front End; AI & Automation on the Back End Poised to Improve RCM, KLAS Finds

Anthony Guerra

RCM is increasingly recognized as the backbone of financial stability and operational efficiency in healthcare systems. The 2024 KLAS Revenue Cycle Management Summit, held in October, gathered 117 leaders from health systems, software vendors, service firms, …
20 December 2024 at 5:57:14 pm

The US Consumer Financial Protection Bureau sues Zelle and four of its partner banks

Will Shanklin

On Friday, the Consumer Financial Protection Bureau (CFPB) sued four financial companies involved with Zelle. The CFPB’s lawsuit (via CNBC) accuses Zelle’s operator (Early Warning Services) and three of the service’s partner banks — JPMorgan Chase, Bank Of Am…
20 December 2024 at 8:37:20 pm

This Week in AI: Security Flaw Exposes AI Giants While Robot Workers Get Upgrade

PYMNTS

This week in AI, security researchers stole artificial intelligence models with near-perfect accuracy by capturing electromagnetic signals, as MIT unveiled a robot system that can handle odd-shaped warehouse packages with 80% success. Meanwhile, three nations…
20 December 2024 at 8:11:54 pm

Fifth Circuit: Salesforce Can’t Use Section 230 To Get Out Of Sex Trafficking Case, Because It Only Provided CRM Software, Not Content Moderation

Mike Masnick

A second appeals court has now said that Section 230 doesn’t protect Salesforce, the online software giant, from being held liable for sex trafficking, because Backpage… used Salesforce’s software. If all of this sounds a bit crazy, buckle up. First, you need…
20 December 2024 at 6:51:26 pm

Why Apple’s approach to alerting victims of spyware attacks is the right one

MacDailyNews

For several years, Apple has notified individuals targeted by government spyware, alerting them to potential compromises and directing… The post Why Apple’s approach to alerting victims of spyware attacks is the right one appeared first on MacDailyNews.
20 December 2024 at 10:41:23 pm

OpenAI details o3 reasoning model with record-breaking benchmark scores

Maria Deutscher

OpenAI today detailed o3, its new flagship large language model for reasoning tasks. The model’s introduction caps off a 12-day product announcement series that started with the launch of a new ChatGPT plan. ChatGPT Pro, as the $200 per month subscription is …
20 December 2024 at 10:55:00 pm

Strengthening open source: A roadmap to enhanced cybersecurity

Joel Krooswyk

COMMENTARY | Open-source software is a cornerstone of American innovation, underpinning critical infrastructure and driving economic growth.

CVE-2024-38189

Microsoft Project Remote Code Execution Vulnerability
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38189

CVE-2024-38106

Microsoft Windows Kernel Privilege Escalation Vulnerability
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38106

CVE-2021-33045

Dahua IP Camera Authentication Bypass Vulnerability
https://www.dahuasecurity.com/aboutUs/trustedCenter/details/582

CVE-2023-43208

NextGen Healthcare Mirth Connect Deserialization of Untrusted Data Vulnerability
This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://github.com/nextgenhealthcare/connect/wiki/4.4.1---What%27s-New

CVE-2024-24919

Check Point Quantum Security Gateways Information Disclosure Vulnerability
https://support.checkpoint.com/results/sk/sk182336

CVE-2024-36401

OSGeo GeoServer GeoTools Eval Injection Vulnerability
This vulnerability affects an open-source component, third-party library, or a protocol used by different products. For more information, please see: https://github.com/geoserver/geoserver/security/advisories/GHSA-6jj6-gm7p-fcvv, https://github.com/geotools/geotools/pull/4797

CVE-2022-22948

VMware vCenter Server Incorrect Default File Permissions Vulnerability
https://www.vmware.com/security/advisories/VMSA-2022-0009.html

CVE-2024-4978

Justice AV Solutions (JAVS) Viewer Installer Embedded Malicious Code Vulnerability
Please follow the vendor’s instructions as outlined in the public statements at https://www.rapid7.com/blog/post/2024/05/23/cve-2024-4978-backdoored-justice-av-solutions-viewer-software-used-in-apparent-supply-chain-attack#remediation and https://www.javs.com/downloads

CVE-2024-38178

Microsoft Windows Scripting Engine Memory Corruption Vulnerability
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38178

CVE-2024-4040

CrushFTP VFS Sandbox Escape Vulnerability
https://www.crushftp.com/crush11wiki/Wiki.jsp?page=Update&version=34

CVE-2024-23296

Apple Multiple Products Memory Corruption Vulnerability
https://support.apple.com/en-us/HT214081, https://support.apple.com/en-us/HT214082, https://support.apple.com/en-us/HT214084, https://support.apple.com/en-us/HT214086, https://support.apple.com/en-us/HT214088

CVE-2024-20399

Cisco NX-OS Command Injection Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cmd-injection-xD9OhyOP
bottom of page