News
U.S. sanctions VPN provider and cryptor seller for aiding ransomware gangs
49+ min ago (81+ words) SC Media U.S. sanctions VPN provider and cryptor seller for aiding ransomware gangs An In-Depth Guide to Ransomware MacOS ‘CrashStealer’ malware poses as crash reporter to steal credentials Synopsys denies data breach claims by new ransomware group D1R New Rust-based RAT named…...
Europe built the world's strongest privacy law. WhatsApp just found the gap it doesn't cover.
1+ hour, 32+ min ago (247+ words) [SC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts. Read more Perspectives here.] WhatsApp's safeguards are real — no public directory, no autocomplete, reserved names for verified organizations — but they address discoverability, not…...
CISA warns that three SharePoint Server bugs are actively exploited
2+ hour, 24+ min ago (51+ words) SC Media CISA warns that three SharePoint Server bugs are actively exploited Google Cloud Dialogflow CX vulnerability allowed AI agent hijacking Why Mythos is the cybersecurity crisis we need Get daily email updates You can skip this ad in 5 seconds...
AI agents have forced an infrastructure rethink
5+ hour, 39+ min ago (61+ words) SC Media AI agents have forced an infrastructure rethink How security can help build trusted AI programs How the ‘token economy’ has become a security and financial minefield Here’s what our industry learned the past 90 days since the Mythos announcement…...
MacOS ‘CrashStealer’ malware poses as crash reporter to steal credentials
21+ hour, 7+ min ago (92+ words) SC Media MacOS ‘CrashStealer’ malware poses as crash reporter to steal credentials - Ad-hoc resigning of the CrashReporter payload by the downloader script. - Execution of the application bundle from the hidden /private/tmp path. - Connection to the GitHub repository mgothiclove/pkeys…...
Synopsys denies data breach claims by new ransomware group D1R
22+ hour, 12+ min ago (80+ words) SC Media Synopsys denies data breach claims by new ransomware group D1R An In-Depth Guide to Ransomware New Rust-based RAT named LabubaRAT impersonates NVIDIA software 5 charged in UK investigation into Russian Coms scam platform Your phishing defense was built for 2016, but…...
Cursor vulnerability allows execution of malicious binaries
22+ hour, 27+ min ago (60+ words) SC Media Cursor vulnerability allows execution of malicious binaries (Credit: Robert – stock.adobe.com) Google Cloud Dialogflow CX vulnerability allowed AI agent hijacking CISA adds Cisco IOS flaw to known exploited vulnerabilities catalog Why Mythos is the cybersecurity crisis we…...
Old Microsoft-signed UEFI applications can bypass Secure Boot | brief
22+ hour, 9+ min ago (62+ words) Old Microsoft-signed UEFI applications can bypass Secure Boot SC Media Old Microsoft-signed UEFI applications can bypass Secure Boot Fortinet enhances endpoint security with AI monitoring and data loss prevention Why Endpoint Hardening Still Fails in Mature Security Programs How to…...
ShinyHunters group exploits OAuth trust, prompting Microsoft security upgrades
22+ hour, 23+ min ago (77+ words) SC Media ShinyHunters group exploits OAuth trust, prompting Microsoft security upgrades OAuth client ID spoofing silently validates stolen Microsoft Entra ID credentials LAPD ends contract with Flock Safety over privacy concerns Argentine Football Association systems reportedly compromised after nearly year-old…...
Fortinet enhances endpoint security with AI monitoring and data loss prevention | brief
22+ hour, 32+ min ago (60+ words) Fortinet enhances endpoint security with AI monitoring and data loss prevention SC Media Fortinet enhances endpoint security with AI monitoring and data loss prevention (Credit: Ralf – stock.adobe.com) Why Endpoint Hardening Still Fails in Mature Security Programs How to…...