A naukri.com initiative
Dev
2M
243
Image Credit: Dev
Security news weekly round-up - 8th November 2024
- Autonomous Discovery of Critical Zero-Days: Researchers have used AI to find zero-day vulnerabilities. However, the traditional SAST tools have limitations due to pattern matching. The researchers have used automation in vulnerability discovery using their methodology.
- The biggest underestimated security threat of today? Advanced persistent teenagers: A previously underestimated security threat has come to light – Advanced Persistent Teenagers. These skilled hackers, who are financially motivated, have used credible email lures and convincing phone calls posing as a company’s help desk, to fool employees into giving away passwords or network access.
- Thousands of hacked TP-Link routers used in yearslong account takeover attacks: Criminals have managed to hack thousands of routers to compromise user credentials. Although the group responsible for the attacks is known- Storm-0940, it is unclear how the hackers are able to access the routers
- Google's AI Tool Big Sleep Finds Zero-Day Vulnerability in SQLite Database Engine: Google’s AI tool, Big Sleep, has found a previously undiscovered zero-day vulnerability in SQLite. The vulnerability is a stack buffer underflow - resulting in a crash or arbitrary code execution.
- DocuSign Abused to Deliver Fake Invoices: Cybercriminals have abused the legitimate service of DocuSign to send bogus requests to sign documents that may result in direct payments to the attackers’ accounts.
- Winos 4.0 Malware Infects Gamers Through Malicious Game Optimization Apps: Players using non-official sources to download game installers are vulnerable to infection from malware like Winos 4.0. The malware creates a multi-stage infection process.
Read Full Article
14 Likes
For uninterrupted reading, download the app