Cybersecurity Alert: New Vulnerabilities, Malware Tactics, and Advanced Protective Measures Unveiled
October 22, 2024Hackers are increasingly employing sophisticated tactics to breach previously secure systems, prompting security experts to innovate advanced protective tools.
A critical vulnerability, CVE-2024-23113, has left over 87,000 Fortinet devices exposed to potential remote code execution.
Vulnhuntr, an AI-driven bug hunting tool, has successfully identified multiple zero-day vulnerabilities in various open-source projects.
Malware campaigns are leveraging Hijack Loader, which exploits legitimate code-signing certificates to evade detection.
A recently disclosed flaw in Apple's macOS allowed users' privacy settings to be circumvented, leading to a patch in the latest version.
For enhanced security, users are encouraged to utilize hardware security keys and implement FIDO2/WebAuthn protocols.
Several major companies have faced cyber attacks, although some successfully patched vulnerabilities before exploitation could occur.
New variants of the TrickMo Android banking trojan have emerged, capable of stealing unlock patterns and PINs through deceptive web pages.
In response to memory safety challenges, Google is transitioning to memory-safe programming languages to reduce the risk of vulnerability exploitation.
To maintain security, it is crucial for users to keep their devices and applications updated regularly.
Researchers have introduced a new process injection technique called Early Cascade Injection, which can evade detection by security software.
The FIDO Alliance has launched new protocols designed to enhance the transferability of passkeys across different platforms.
Summary based on 1 source
Get a daily email with more Tech stories
Source
The Hacker News • Oct 21, 2024
THN Cybersecurity Recap: Top Threats, Tools and News (Oct 14 - Oct 20)