Cyber Defense Advisors

Year: 2024

  • August 22, 2024

Hacker leaks upcoming episodes of Netflix shows online following security breach

Graham Cluley, August 22, 2024. A production partner of Netflix has suffered a serious security breach which has resulted in yet-to-be-released episodes of popular shows being leaked online. As Variety reports, the security breach occurred at media localisation company Iyuno which confirmed […]

Cyber News
  • August 22, 2024

Over 100,000 Oregon Zoo visitors warned that their payment card details were stolen in security breach

Graham Cluley, August 22, 2024. Cybercriminals have succeeded in stealing the payment card information from over 110,000 animal lovers over several months after meddling with Oregon Zoo’s online ticket payment system. Sensitive information belonging to 117,815 people including their names, payment card numbers, […]

Cyber News
  • August 22, 2024

The Facts About Continuous Penetration Testing and Why It’s Important

What is Continuous Attack Surface Penetration Testing or CASPT? Continuous Penetration Testing or Continuous Attack Surface Penetration Testing (CASPT) is an advanced security practice that involves the continuous, automated, and ongoing penetration testing services of an organization’s digital assets to identify and mitigate security vulnerabilities. CASPT is designed for enterprises with an evolving attack surface […]

Cyber News
  • August 22, 2024

Google Fixes High-Severity Chrome Flaw Actively Exploited in the Wild

Google has rolled out security fixes to address a high-severity security flaw in its Chrome browser that it said has come under active exploitation in the wild. Tracked as CVE-2024-7971, the vulnerability has been described as a type confusion bug in the V8 JavaScript and WebAssembly engine. “Type confusion in V8 in Google Chrome prior […]

Cyber News
  • August 22, 2024

Critical Flaw in WordPress LiteSpeed Cache Plugin Allows Hackers Admin Access

Cybersecurity researchers have disclosed a critical security flaw in the LiteSpeed Cache plugin for WordPress that could permit unauthenticated users to gain administrator privileges. “The plugin suffers from an unauthenticated privilege escalation vulnerability which allows any unauthenticated visitor to gain Administrator level access after which malicious plugins could be uploaded and installed,” Patchstack’s Rafie Muhammad […]

Cyber News
  • August 22, 2024

GitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges

GitHub has released fixes to address a set of three security flaws impacting its Enterprise Server product, including one critical bug that could be abused to gain site administrator privileges. The most severe of the shortcomings has been assigned the CVE identifier CVE-2024-6800, and carries a CVSS score of 9.5. “On GitHub Enterprise Server instances […]

Cyber News
  • August 22, 2024

New Malware PG_MEM Targets PostgreSQL Databases for Crypto Mining

Cybersecurity researchers have unpacked a new malware strain dubbed PG_MEM that’s designed to mine cryptocurrency after brute-forcing its way into PostgreSQL database instances. “Brute-force attacks on Postgres involve repeatedly attempting to guess the database credentials until access is gained, exploiting weak passwords,” Aqua security researcher Assaf Morag said in a technical report. “Once accessed, attackers […]

Cyber News
  • August 21, 2024

The AI Fix #12: AI made from human brain cells, and is there life after death?

In episode 12 of The AI Fix, Mark and Graham meet an LLM having an existential crisis, ChatGPT speaks Welsh for no reason, Graham does an impression of a water spout, Eric Schmidt shares a new and unexpected take on “do no evil”, and our hosts feel like David Attenborough as they witness herds of […]

Cyber News
  • August 21, 2024

Microsoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive Data

Cybersecurity researchers have disclosed a critical security flaw impacting Microsoft’s Copilot Studio that could be exploited to access sensitive information. Tracked as CVE-2024-38206 (CVSS score: 8.5), the vulnerability has been described as an information disclosure bug stemming from a server-side request forgery (SSRF) attack. “An authenticated attacker can bypass Server-Side Request Forgery (SSRF) protection in […]

Cyber News