The notorious Lazarus Advanced Persistent Threat (APT) group has once again caught the attention of cybersecurity experts with their latest method of infiltrating macOS systems. In defiance of standard defenses, they utilize custom extended attributes to smuggle malicious code onto unsuspecting systems. This innovative technique, observed by cybersecurity firm Group-IB, facilitates the malware staying concealed and undetected within the target
The cybersecurity landscape is constantly evolving, with new threats emerging and existing vulnerabilities being exploited. Recent incidents have highlighted the challenges faced by organizations in securing their digital environments. This article delves into Fortinet’s incomplete patch for the FortiJump vulnerability, significant data breaches, and the rising cyber risks in various sectors. Fortinet’s Inadequate FortiJump Patch WatchTowr’s Findings Researchers from WatchTowr
In an alarming development, hackers have started to exploit DocuSign’s API to send fraudulent invoices that appear highly authentic, marking a significant evolution in cybercrime tactics. Unlike traditional phishing schemes, which often involve poorly crafted emails and malicious links, these attacks utilize legitimate DocuSign accounts and templates, making them difficult for users and automated security systems to detect. Traditional Phishing
NVIDIA’s release of a new bundle featuring the Digital Premium Edition of the highly anticipated game, Indiana Jones & The Great Circle, packaged with its GeForce RTX 40 series GPUs, has set the gaming community abuzz. Developed by MachineGames, renowned for their work on the recent Wolfenstein series, the game employs state-of-the-art NVIDIA technologies such as DLSS 3.5, ray tracing,
The increasing reliance on IoT devices for home automation and security systems has brought convenience and efficiency to many households. However, this convenience comes with its own set of challenges, especially in terms of security. Recent findings have revealed ten critical vulnerabilities in the OvrC cloud platform. This platform, used by over 500,000 locations to manage connected IoT devices like
Cybersecurity firm watchTowr recently identified a critical zero-day vulnerability within Citrix’s Session Recording Manager (SRM) that enables remote code execution (RCE) on Citrix Virtual Apps and Desktops without needing authentication. This revelation underscores significant security risks for enterprises relying on Citrix’s SRM software for auditing and troubleshooting. Citrix’s SRM is specially designed to record user activities like keyboard and mouse
Can TSMC maintain its lead in the semiconductor industry with rising demand driven by titans like NVIDIA, Apple, and MediaTek, especially as competitors falter? The answer might lie in the recent remarkable achievements by TSMC, particularly in its 5nm and 3nm process nodes. With a 100% utilization rate of these processes, TSMC has proven its production prowess. This demand surge
When considering the immense demands of AI workloads, it becomes clear that traditional storage solutions often fall short in meeting the necessary speed and capacity. This introduces significant challenges for data centers managing vast volumes of data. Micron’s new 60TB enterprise SSD, the Micron 6550 Ion, emerges as a notable solution aimed at addressing these demands. This revolutionary SSD promises
A new phishing tool named GoIssue has surfaced on a cybercrime forum, posing a significant threat to GitHub users, particularly those in the software development community. GoIssue enables cybercriminals to collect email addresses from GitHub profiles to launch bulk phishing campaigns, thereby amplifying the risks of source code theft and network intrusions. This has raised serious concerns among security professionals
The potential changes in the cyber threat landscape under Donald Trump’s presidency have sparked significant debate among cybersecurity experts. As global cybersecurity dynamics are heavily tied to geopolitical relations, Trump’s victory could lead to notable shifts, especially in the activities of cyber adversaries like Russia, China, and Iran. Analysts are closely watching how Trump’s geopolitical strategies might realign and impact
Nvidia’s eagerly anticipated RTX 5000 series GPUs seem to be inching closer to reality with new reports suggesting that production has already begun, signaling the potential end of the RTX 4000 series. The graphics card titan has set the tech world abuzz as it shifts its manufacturing focus toward next-gen hardware, leaving enthusiasts and gamers on the edge of their
In recent developments, cybersecurity researchers at watchTowr have uncovered new vulnerabilities in Citrix Virtual Apps and Desktop systems that could allow unauthenticated remote code execution (RCE) attacks through Microsoft Message Queuing (MSMQ) misconfigurations. These vulnerabilities, identified specifically as CVE-2024-8068 and CVE-2024-8069, involve critical flaws in the Session Recording component, which is often used by administrators to monitor user activities for
