Cyber News & Articles

Microsoft has shed light on a now-patched security flaw impacting Apple macOS that, if successfully exploited, could have allowed an attacker running as “root” to bypass the operating system’s System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions.
The vulnerability in question is CVE-2024-44243 (CVSS score: 5.5), a medium-severity bug

New research has pulled back the curtain on a “deficiency” in Google’s “Sign in with Google” authentication flow that exploits a quirk in domain ownership to gain access to sensitive data.
“Google’s OAuth login doesn’t protect against someone purchasing a failed startup’s domain and using it to re-create email accounts for former employees,” Truffle Security co-founder and CEO Dylan Ayrey said

In episode 33 of The AI Fix, our hosts watch a robot fall over, ChatGPT demonstrates that it can’t draw a watch face but it can fire a gun, a man without a traffic cone gets trapped in his Waymo taxi, Graham discovers what social robots are, and both hosts watch horrified as somebody rips a robot’s face off.

Graham explains why Elon Musk has invented an “unhinged” version of Grok and every Tesla will soon come fitted with a built-in racist uncle, and Mark looks into the disturbing phenomenon of “alignment faking”.

All this and much more is discussed in the latest edition of “The AI Fix” podcast by Graham Cluley and Mark Stockley.

What do identity risks, data security risks and third-party risks all have in common? They are all made much worse by SaaS sprawl. Every new SaaS account adds a new identity to secure, a new place where sensitive data can end up, and a new source of third party risk. Learn how you can protect this sprawling attack surface in 2025.

What do identity risks, data security risks and third-party

The Telegram-based online marketplace known as HuiOne Guarantee and its vendors have cumulatively received at least $24 billion in cryptocurrency, dwarfing the now-defunct Hydra to become the largest online illicit marketplace to have ever operated.
The figures, released by blockchain analytics firm Elliptic, show that monthly inflows have increased by 51% since July 2024.
Huione Guarantee, part

Threat hunters are calling attention to a new campaign that has targeted Fortinet FortiGate firewall devices with management interfaces exposed on the public internet.
“The campaign involved unauthorized administrative logins on management interfaces of firewalls, creation of new accounts, SSL VPN authentication through those accounts, and various other configuration changes,” cybersecurity firm

Russia-linked threat actors have been attributed to an ongoing cyber espionage campaign targeting Kazakhstan as part of the Kremlin’s efforts to gather economic and political intelligence in Central Asia.
The campaign has been assessed to be the work of an intrusion set dubbed UAC-0063, which likely shares overlap with APT28, a nation-state group affiliated with Russia’s General Staff Main

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a second security flaw impacting BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.
The vulnerability in question is CVE-2024-12686 (CVSS score: 6.6), a medium-severity bug that could

Imagine trusting your pastor with your savings, only to find out he’s running a crypto scam.

Read more in my article on the Hot for Security blog.

A recently disclosed critical security flaw impacting the Aviatrix Controller cloud networking platform has come under active exploitation in the wild to deploy backdoors and cryptocurrency miners.
Cloud security firm Wiz said it’s currently responding to “multiple incidents” involving the weaponization of CVE-2024-50603 (CVSS score: 10.0), a maximum severity bug that could result in