November 2024 - Page 6 of 9 - Polymath Central

Urgent: Critical WordPress Plugin Vulnerability Exposes Over 4 Million Sites

November 17, 2024

A critical authentication bypass vulnerability has been disclosed in the Really Simple Security (formerly Really Simple SSL) plugin for WordPress that, if successfully exploited, could grant an attacker to remotely…

Cybersecurity

PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs Released

November 16, 2024

Palo Alto Networks has released new indicators of compromise (IoCs) a day after the network security vendor confirmed that a new zero-day vulnerability impacting its PAN-OS firewall management interface has…

Cybersecurity

Warning: DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials

November 16, 2024

A threat actor known as BrazenBamboo has exploited an unresolved security flaw in Fortinet’s FortiClient for Windows to extract VPN credentials as part of a modular framework called DEEPDATA. Volexity,…

Cybersecurity

Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations

November 15, 2024

Cybersecurity researchers have shed light on a new remote access trojan and information stealer used by Iranian state-sponsored actors to conduct reconnaissance of compromised endpoints and execute malicious commands. Cybersecurity…

Cybersecurity

Master Certificate Management: Join This Webinar on Crypto Agility and Best Practices

November 15, 2024

In the fast-paced digital world, trust is everything—but what happens when that trust is disrupted? Certificate revocations, though rare, can send shockwaves through your operations, impacting security, customer confidence, and…

Cybersecurity

Researchers Warn of Privilege Escalation Risks in Google’s Vertex AI ML Platform

November 15, 2024

Cybersecurity researchers have disclosed two security flaws in Google’s Vertex machine learning (ML) platform that, if successfully exploited, could allow malicious actors to escalate privileges and exfiltrate models from the…

Cybersecurity

Vietnamese Hacker Group Deploys New PXA Stealer Targeting Europe and Asia

November 15, 2024

A Vietnamese-speaking threat actor has been linked to an information-stealing campaign targeting government and education entities in Europe and Asia with a new Python-based malware called PXA Stealer. The malware…

Cybersecurity

How AI Is Transforming IAM and Identity Security

November 15, 2024

In recent years, artificial intelligence (AI) has begun revolutionizing Identity Access Management (IAM), reshaping how cybersecurity is approached in this crucial field. Leveraging AI in IAM is about tapping into…

Cybersecurity

High-Severity Flaw in PostgreSQL Allows Hackers to Exploit Environment Variables

November 15, 2024

Cybersecurity researchers have disclosed a high-severity security flaw in the PostgreSQL open-source database system that could allow unprivileged users to alter environment variables, and potentially lead to code execution or…

Cybersecurity

Bitfinex Hacker Sentenced to 5 Years, Guilty of Laundering $10.5 Billion in Bitcoin

November 15, 2024

Ilya Lichtenstein, who pleaded guilty to the 2016 hack of cryptocurrency stock exchange Bitfinex, has been sentenced to five years in prison, the U.S. Department of Justice (DoJ) announced Thursday.…

Month: November 2024