Polymath Central

Microsoft Launches Windows Resiliency Initiative to Boost Security and System Integrity

November 20, 2024

Microsoft has announced a new Windows Resiliency Initiative as a way to improve security and reliability, as well as ensure that system integrity is not compromised. The idea, the tech…

Cybersecurity

NHIs Are the Future of Cybersecurity: Meet NHIDR

November 20, 2024

The frequency and sophistication of modern cyberattacks are surging, making it increasingly challenging for organizations to protect sensitive data and critical infrastructure. When attackers compromise a non-human identity (NHI), they…

Cybersecurity

Decades-Old Security Vulnerabilities Found in Ubuntu’s Needrestart Package

November 20, 2024

Multiple decade-old security vulnerabilities have been disclosed in the needrestart package installed by default in Ubuntu Server (since version 21.04) that could allow a local attacker to gain root privileges…

Cybersecurity

China-Backed Hackers Leverage SIGTRAN, GSM Protocols to Infiltrate Telecom Networks

November 20, 2024

A new China-linked cyber espionage group has been attributed as behind a series of targeted cyber attacks targeting telecommunications entities in South Asia and Africa since at least 2020 with…

Cybersecurity

Oracle Warns of Agile PLM Vulnerability Currently Under Active Exploitation

November 20, 2024

Oracle is warning that a high-severity security flaw impacting the Agile Product Lifecycle Management (PLM) Framework has been exploited in the wild. The vulnerability, tracked as CVE-2024-21287 (CVSS score: 7.5),…

Cybersecurity

Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities

November 20, 2024

Apple has released security updates for iOS, iPadOS, macOS, visionOS, and its Safari web browser to address two zero-day flaws that have come under active exploitation in the wild. The…

Cybersecurity

Hackers Hijack Unsecured Jupyter Notebooks to Stream Illegal Sports Broadcasts

November 19, 2024

Malicious actors are exploiting misconfigured JupyterLab and Jupyter Notebooks to conduct stream ripping and enable sports piracy using live streaming capture tools. The attacks involve the hijack of unauthenticated Jupyter…

Cybersecurity

Ngioweb Botnet Fuels NSOCKS Residential Proxy Network Exploiting IoT Devices

November 19, 2024

The malware known as Ngioweb has been used to fuel a notorious residential proxy service called NSOCKS, as well as by other services such as VN5Socks and Shopsocks5, new findings…

Cybersecurity

Privileged Accounts, Hidden Threats: Why Privileged Access Security Must Be a Top Priority

November 19, 2024

Privileged accounts are well-known gateways for potential security threats. However, many organizations focus solely on managing privileged access—rather than securing the accounts and users entrusted with it. This emphasis is…

Cybersecurity

New ‘Helldown’ Ransomware Variant Expands Attacks to VMware and Linux Systems

November 19, 2024

Cybersecurity researchers have shed light on a Linux variant of a relatively new ransomware strain called Helldown, suggesting that the threat actors are broadening their attack focus. “Helldown deploys Windows…