Security Affairs

JULY 10, 2024

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows and Rejetto HTTP File Server bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog : CVE-2024-23692 Rejetto HTTP File Server Improper Neutralization of Special Elements Used in a Template Engine Vulnerability CVE-2024-38080 Microsoft Windows Hyper-V Privilege Esc

IT 349

IT Cybersecurity Risk Security 349

WIRED Threat Level

JULY 10, 2024

Deepfake scam services. Victim data. Electrified shackles for human trafficking. Crypto tracing firm Elliptic found all were available for sale on an online marketplace linked to Cambodia’s ruling family.

Sales 330

Sales Security 330

Security Affairs

JULY 10, 2024

A vulnerability affects some versions of the OpenSSH secure networking suite, it can potentially lead to remote code execution. The vulnerability CVE-2024-6409 (CVSS score: 7.0) impacts select versions of the OpenSSH secure networking suite, it can be exploited to achieve remote code execution (RCE). The issue is a possible race condition in cleanup_exit() in openssh’s privsep child that impacts openssh versions 8.7p1 and 8.8p1.

Authentication 341

Authentication Security IT Information Security 341

Data Breach Today

JULY 10, 2024

Nation-State Group APT40 Routinely Exploits Publicly Known Software Flaws The Australian cybersecurity agency is blaming a Chinese state-backed cyberespionage group, tracked as APT40, for persistent cyberattacks on Australian organizations to steal sensitive information. The group exploits known software vulnerabilities to compromise networks.

Cybersecurity 310

Cybersecurity 310

Speaker: Lee Andrews, Founder at LJA New Media & Tony Karrer, Founder and CTO at Aggregage

This session will walk you through how one CEO used generative AI, workflow automation, and sales personalization to transform an entire security company—then built the Zero to Strategy framework that other mid-market leaders are now using to unlock 3.5x ROI. As a business executive, you’ll learn how to assess AI opportunities in your business, drive adoption across teams, and overcome internal resource constraints—without hiring a single data scientist.

Marketing

Security Affairs

JULY 10, 2024

VMware addressed a critical SQL-Injection vulnerability, tracked as CVE-2024-22280, impacting Aria Automation. Virtualization giant VMware addressed a high-severity SQL-injection vulnerability, tracked as CVE-2024-22280 (CVSSv3 base score of 8.5), in its Aria Automation solution. VMware Aria Automation (formerly vRealize Automation ) is a modern cloud automation platform that simplifies and streamlines the deployment, management, and governance of cloud infrastructure and applications.

Authentication 339

Authentication Cloud Access Government 339

Security Affairs

JULY 10, 2024

IT giant Citrix addressed multiple vulnerabilities, including critical and high-severity issues in its NetScaler product. Citrix released security updates to address critical and high-severity issues in its NetScaler product. The most severe issue is an improper authorization flaw, tracked as CVE-2024-6235 (CVSS score of 9.4). An attacker with access to the NetScaler Console IP can exploit the vulnerability to access sensitive information.

Access 330

Access Cybersecurity Security IT 330

Data Breach Today

JULY 10, 2024

Monetary Authority Responds to Surge in Phishing Scams That Impersonate Banks The Monetary Authority of Singapore said banks will phase out one-time passwords for bank account logins over the next three months for customers who use digital tokens to authenticate their identity. The move follows a rise in phishing scams that impersonate banks in messages to steal credentials.

Passwords 260

Passwords Phishing Authentication 260

Security Affairs

JULY 10, 2024

Microsoft Patch Tuesday security updates for July 2024 addressed 139 flaws, including two actively exploited zero-days. Microsoft Patch Tuesday security updates for July 2024 addressed 139 vulnerabilities in Windows and Windows Components; Office and Office Components; NET and Visual Studio; Azure; Defender for IoT; SQL Server; Windows Hyper-V; Bitlocker and Secure(?

IoT 330

IoT Security Information Security IT 330

Collaboration 2.0

JULY 10, 2024

If you're concerned about your privacy, you should regularly clear your Google search cache on Android. Here's how to do this manually and set up auto-delete.

Privacy 246

Privacy 246

Speaker: Alex Salazar, CEO & Co-Founder @ Arcade | Nate Barbettini, Founding Engineer @ Arcade | Tony Karrer, Founder & CTO @ Aggregage

There’s a lot of noise surrounding the ability of AI agents to connect to your tools, systems and data. But building an AI application into a reliable, secure workflow agent isn’t as simple as plugging in an API. As an engineering leader, it can be challenging to make sense of this evolving landscape, but agent tooling provides such high value that it’s critical we figure out how to move forward.

Security

Security Affairs

JULY 10, 2024

Multiple cybersecurity agencies released a joint advisory warning about a China-linked group APT40 ‘s capability to rapidly exploit disclosed security flaws. Cybersecurity agencies from Australia, Canada, Germany, Japan, New Zealand, South Korea, the U.K., and the U.S. released a joint advisory warning about the China-linked group APT40 (aka TEMP.Periscope , TEMP.Jumper , Bronze Mohawk, Gingham Typhoon, ISLANDDREAMS, Kryptonite Panda, Red Ladon, TA423 , and Leviathan ) and its capability t

Cybersecurity 328

Cybersecurity Government Phishing IT 328

Collaboration 2.0

JULY 10, 2024

Long available for Android users, a Google Maps navigation perk is rolling out to iPhone users globally. Now, your speedometer and the current speed limit will appear in miles or kilometers depending on the region.

246

246

WIRED Threat Level

JULY 10, 2024

Google is bringing the password-killing “passkey” tech to its Advanced Protection Program users more than a year after rolling them out broadly.

IT 215

IT Passwords Privacy Security 215

Collaboration 2.0

JULY 10, 2024

Samsung just unveiled its subscription-free Galaxy Ring, and the Ultrahuman Ring Air is a competitive subscription-free option. Which should you buy?

IT 245

IT 245

Speaker: Frank Taliano

Documents are the backbone of enterprise operations, but they are also a common source of inefficiency. From buried insights to manual handoffs, document-based workflows can quietly stall decision-making and drain resources. For large, complex organizations, legacy systems and siloed processes create friction that AI is uniquely positioned to resolve.

IT

Data Breach Today

JULY 10, 2024

'Don't Panic,' Say Developers Security researchers identified an attack method against a commonly used network authentication protocol that dates back to the dial-up internet and relies on an obsolete hashing function. Researchers say "a well-resourced attacker" could make it practical.

Authentication 208

Authentication Security IT 208

Collaboration 2.0

JULY 10, 2024

Samsung's next smart ring might be more interactive and include display screens to show health information and notifications.

245

245

Data Breach Today

JULY 10, 2024

Cryptocurrency Exchange Platform 'Willfully Flouted US Anti-Money Laundering Laws' The once-leading cryptocurrency exchange platform known as BitMEX pleaded guilty Wednesday to willfully violating the Bank Secrecy Act and anti-money laundering laws to effectively serve as a money laundering vehicle from 2015 to 2020, according to the U.S. Department of Justice.

195

195

Collaboration 2.0

JULY 10, 2024

With the new Galaxy Z Flip 6 launching, you may wonder if the new model is worth the upgrade and how it stacks up to the previous version. We'll help you compare.

IT 245

IT 245

Advertiser: ZoomInfo

AI adoption is reshaping sales and marketing. But is it delivering real results? We surveyed 1,000+ GTM professionals to find out. The data is clear: AI users report 47% higher productivity and an average of 12 hours saved per week. But leaders say mainstream AI tools still fall short on accuracy and business impact. Download the full report today to see how AI is being used — and where go-to-market professionals think there are gaps and opportunities.

Sales

Data Breach Today

JULY 10, 2024

Remote Access Trojan 'Poco RAT' Targets Mining, Manufacturing Sectors, Says Report A new report published by Cofense Intelligence identifies a malware called "Poco RAT" that is actively targeting mining and manufacturing sectors across Latin America through a simple remote access Trojan that could be capable of delivering additional malware for ransomware or data harvesting.

Mining 182

Mining Manufacturing Ransomware Access 182

Collaboration 2.0

JULY 10, 2024

If you've been flipping out for a new foldable, here are the key differences between the market's two best options.

Marketing 245

Marketing 245

Schneier on Security

JULY 10, 2024

New attack against the RADIUS authentication protocol: The Blast-RADIUS attack allows a man-in-the-middle attacker between the RADIUS client and server to forge a valid protocol accept message in response to a failed authentication request. This forgery could give the attacker access to network devices and services without the attacker guessing or brute forcing passwords or shared secrets.

Authentication 122

Authentication Paper Passwords Access 122

Collaboration 2.0

JULY 10, 2024

These subtle features make the Samsung Galaxy Z Flip 6 a stronger (and more appealing) model than its predecessors.

IT 245

IT 245

Speaker: Ben Epstein, Stealth Founder & CTO | Tony Karrer, Founder & CTO, Aggregage

When tasked with building a fundamentally new product line with deeper insights than previously achievable for a high-value client, Ben Epstein and his team faced a significant challenge: how to harness LLMs to produce consistent, high-accuracy outputs at scale. In this new session, Ben will share how he and his team engineered a system (based on proven software engineering approaches) that employs reproducible test variations (via temperature 0 and fixed seeds), and enables non-LLM evaluation m

KnowBe4

JULY 10, 2024

Researchers at Mandiant (part of Google Cloud) warn that Russian government threat actors continue to target NATO member countries with spear phishing attacks. APT29 in particular has been targeting the technology sector in order to launch supply chain attacks.

Phishing 120

Phishing Cloud Government 120

Collaboration 2.0

JULY 10, 2024

If you want a foldable that looks and feels like $1,900, get this online-exclusive configuration.

244

244

eSecurity Planet

JULY 10, 2024

Millions of online shoppers may be at risk after a data leak allegedly compromised customer information on Shopify, a leading e-commerce platform trusted by many businesses worldwide. Reports suggest nearly 180,000 users — 179,873 rows of users’ information — were impacted, with details like names, emails, and even purchase history potentially exposed.

Passwords 118

Passwords Phishing Marketing Access 118

Collaboration 2.0

JULY 10, 2024

Samsung's subscription-free smart ring is here, but you'll need to get your ring sized to fit before you can use it. Here's how to preorder and get the right size.

IT 241

IT 241

Advertiser: ZoomInfo

ZoomInfo customers aren’t just selling — they’re winning. Revenue teams using our Go-To-Market Intelligence platform grew pipeline by 32%, increased deal sizes by 40%, and booked 55% more meetings. Download this report to see what 11,000+ customers say about our Go-To-Market Intelligence platform and how it impacts their bottom line. The data speaks for itself!

Marketing

KnowBe4

JULY 10, 2024

Recently I had to prepare for a governance, risk and compliance conference. I promptly realized that although I used to be quite immersed in this field as an ISO 27k implementation consultant and even a short stint as a Payment Card Industry (PCI QSA) auditor years ago, it has been a while since I looked into this.

Security 117

Security Compliance Risk Government 117

Collaboration 2.0

JULY 10, 2024

Do a more polished design and fancy AI features justify a price bump on the most expensive phone on the market? I found out.

Marketing 240

Marketing IT 240

IT Governance

JULY 10, 2024

A penetration tester’s take on the implications Cybernews researchers have found 9,948,575,739 unique plaintext passwords leaked on BreachForums, a popular hacking forum. On 4 July 2024, a threat actor called ‘ObamaCare’ leaked what is likely the largest password compilation to date, calling it “10 Billion Rockyou2024 Password Compilation”. Specifically, ObamaCare said: I present you a new rockyou2024 password list with over 9.9 billion passwords!

Passwords 110

Passwords Security Risk Data breaches 110