Over a third of organizations have admitted that they face major challenges monitoring the use of unsanctioned AI tools in the enterprise, according to Strategy Insights. The London-headquartered consulting firm polled 3320 directors from companies across the US, UK, Germany,…
Nov 26, 2024Ravie LakshmananVulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a now-patched critical security flaw impacting Array Networks AG and vxAG secure access gateways to its Known Exploited Vulnerabilities (KEV) catalog following…
The UK’s data protection regulator has warned that a reluctance among organizations to share customers’ personal information is worsening a fraud epidemic in the country. Fraud is now the most common crime in England and Wales, accounting for two-fifths (39%)…
A targeted supply chain attack involving the widely used npm package @lottiefiles/lottie-player has been uncovered, highlighting vulnerabilities in software dependencies. According to research published by ReversingLabs last week, malicious versions of the package were released earlier this year. Key Details…
Nov 25, 2024Ravie LakshmananCloud Security / Supply Chain Attack Cybersecurity researchers have disclosed two new attack techniques against infrastructure-as-code (IaC) and policy-as-code (PaC) tools like HashiCorp’s Terraform and Open Policy Agent (OPA) that leverage dedicated, domain-specific languages (DSLs) to breach…
Flipaclip, an animation creation app that is particularly popular with youngsters, has exposed the details of over 890,000 users. A vulnerability in the frame-by-frame animation app, which is available for iOS and Android, was initially discovered this month by researcher…
The State of New York has secured an $11.3m settlement from two car insurance companies over the breach of sensitive data of more than 120,000 of its citizens. Poor data security practices led to the data breaches according to the…
Nov 25, 2024Ravie LakshmananSoftware Supply Chain / Malware The administrators of the Python Package Index (PyPI) repository have quarantined the package “aiocpa” following a new update that included malicious code to exfiltrate private keys via Telegram. The package in question…
An 18% rise in IoT device traffic and a substantial 400% increase in malware attacks targeting IoT devices have been revealed by security researchers. The findings by Zscaler highlight significant challenges and vulnerabilities accompanying the growing adoption of Internet of…
Nov 25, 2024Ravie LakshmananMobile Security / Privacy Google has introduced a new feature called Restore Credentials to help users restore their account access to third-party apps securely after migrating to a new Android device. Part of Android’s Credential Manager API,…
All Rights Reserved. Kowatek Blog by IWUCHI
Home | About Us | Disclaimer | Privacy Policy | Contact Us
