Imagine you are an average retail investor in Australia or New Zealand, typically limited in options to grow your wealth beyond traditional stock markets or savings accounts. Now, thanks to innovation in the fintech sector, you have an opportunity to access a sophisticated investment world previously dominated by institutional investors and the super-wealthy. Melbourne-based fintech company, MezFi, introduces a blockchain-backed
Dell Technologies has identified three critical security vulnerabilities in their Enterprise SONiC (Software for Open Networking in the Cloud) operating system, addressing versions 4.1.x and 4.2.x. These vulnerabilities, recorded as CVE-2024-45763, CVE-2024-45764, and CVE-2024-45765, present alarming risks detailed by cybersecurity experts. Two of these, CVE-2024-45763 and CVE-2024-45765, are OS Command Injection flaws with a concerning CVSS score of 9.1. They
Imagine discovering that your trusted PostgreSQL database, which stores critical organizational data, has a high-severity security flaw that could allow unprivileged users to execute arbitrary code or access sensitive information. This concerning scenario has become a reality with the identification of CVE-2024-10979, a significant vulnerability in the PostgreSQL open-source database system. Assigned a Common Vulnerability Scoring System (CVSS) score of
In today’s rapidly evolving digital landscape, the importance of cybersecurity cannot be overstated. Recently, the Cybersecurity and Infrastructure Security Agency (CISA) issued a critical warning about two newly identified vulnerabilities in Microsoft Windows, designated CVE-2024-49039 and CVE-2024-43451. These vulnerabilities pose significant threats as they could permit attackers to escalate their privileges and access sensitive data. Given the potential ramifications, it
As Roblox continues to maintain its position as one of the most popular online gaming platforms with over 79.5 million daily users as of mid-2024, the large developer community associated with it has become a prime target for cybercriminals. A recent cyberattack has specifically targeted Roblox developers through malicious npm packages designed to steal credentials and personal information. This latest
The recent discovery of a significant data breach due to a critical vulnerability in the MOVEit file transfer software has sent shockwaves through various industry sectors. Identified as CVE-2023-34362, this breach has compromised the sensitive information of millions of employees across 25 major organizations, including financial, technological, healthcare, and retail companies. Operating under the alias “Nam3L3ss,” the hacker has revealed
The increasing frequency of scam phone calls has become a significant concern, with a majority of Brits wary of being caught in the fraudulent web. Over two-thirds of the population express apprehension about phone fraud, while an alarming one in five has endured weekly attempts. To counter this burgeoning menace, Virgin Media O2 has introduced an innovative solution: an AI-powered
In an alarming development, ransomware attackers have increasingly turned to exploiting cloud services, such as Amazon S3 and Microsoft Azure Blob Storage, to facilitate data exfiltration and increase the pressure on their victims for ransom payments. The SentinelLabs report highlights this growing trend, where these popular cloud storage services are being leveraged for compromising IT systems. The Growing Trend This
In a recent development that has heightened concerns in the cybersecurity community, watchTowr, a prominent attack surface management provider, has identified a new zero-day vulnerability in Fortinet products. Dubbed "FortiJump Higher," this flaw allows a managed FortiGate device to elevate its privileges and gain control over the FortiManager instance, posing significant risks to the security of these systems. The discovery
When Palo Alto Networks’ Unit 42 recently discovered two significant security vulnerabilities in Google’s Vertex AI machine learning (ML) platform, it highlighted notable risks. These vulnerabilities have the potential to lead to unauthorized access, privilege escalation, and critical data exfiltration if exploited. Vertex AI, introduced in May 2021, offers a scalable environment for training and deploying custom ML models and
Amid the constantly evolving landscape of cybersecurity threats, a new and troubling development has surfaced involving malware known as DEEPDATA. Deployed by the notable threat actor BrazenBamboo, DEEPDATA takes advantage of a vulnerability in Fortinet’s FortiClient for Windows to steal VPN credentials. This alarming vulnerability was first reported by Volexity in July 2024 and, worryingly, remains unpatched to this day.
On November 20, the bustling city of Dubai will be the stage for the grand finale of MENA’s flagship Web3 hackathon, hosted by Bybit and DMCC Crypto Centre. This event promises to be a pivotal moment for the blockchain and cryptocurrency community, as 15 innovative projects are set to present their cutting-edge Web3 visions. Originally, only ten projects were scheduled
