SecurityWeek

The White House has released a roadmap for addressing internet routing (BGP) security issues, mainly through RPKI adoption.

D-Link warns of multiple remote code execution vulnerabilities impacting its discontinued DIR-846 router model.

Google has released Android security updates to patch an exploited local privilege escalation vulnerability.

The US oil giant updated an SEC filing to confirm malicious hackers “accessed and exfiltrated information” from its corporate systems.

VMware rolls out patch for a high-severity code execution vulnerability in the Fusion hypervisor.

CSOs Jaya Baloo and Jonathan Trull discuss the route, role, and requirements in becoming and being a successful CISO.

Dutch agency said a database with billions of photos of faces amounted to serious violations of GDPR.

The FTC complaint alleges that Verkada’s failures allowed a hacker to access customers’ security cameras.

The City of Columbus sued a researcher who disclosed the impact of the data breach caused by a recent ransomware attack.

Intel has shared some clarifications on claims made by a researcher regarding the hacking of its SGX security technology.

Google has released two Chrome 128 updates to address six high-severity vulnerabilities reported by external researchers.

Redmond's threat intel team said exploitation of CVE-2024-7971 can be attributed to a North Korean APT targeting the cryptocurrency sector for financial gain.

Noteworthy stories that might have slipped under the radar: automotive CTF with $100k in prizes, deepfake scams, and Singapore’s OT security masterplan for 2024.

Efforts in California to establish first-in-the-nation safety measures for the largest artificial intelligence systems cleared an important vote.

Cisco Talos has a blog post on the BlackByte ransomware group’s continuing evolution and new TTPs.

Fortra limits access to FileCatalyst Workflow database after vendor knowledgebase article leaks default credentials.

The RansomHub ransomware group, which has made at least 210 victims, is believed to be behind the attack on oil giant Halliburton. 

A former US president and several members of Congress were targets of a plot carried out by two European men to intimidate and threaten dozens of people by calling in bogus reports of police emergencies at their homes.

Censys warns of over 1,200 internet-accessible WhatsUp Gold instances potentially exposed to malicious attacks.

The sporting goods retail chain said the incident exposed portions of the its IT systems containing confidential information.