Latest news with #CyberSecurity

‘Alarming' AI powered scams targeting Australians

News.com.au

2 days ago

General
News.com.au

‘Alarming' AI powered scams targeting Australians

Tech Guide Editor Stephen Fenech discusses the latest AI powered scams and how Australians can tackle the issue and protect their data. 'This is alarming … some of the methods of scams has really gone up to another level thanks to AI,' Mr Fenech told Sky News Australia. 'A lot of people have unfortunately given up their details … and their accounts have been compromised. 'Make sure you've got the latest version of all that software because if you don't have that protection, you could easily be led to these sites.'

UAE issues 'urgent' Google Chrome security alert, asks residents to update browser

Khaleej Times

4 days ago

General
Khaleej Times

UAE issues 'urgent' Google Chrome security alert, asks residents to update browser

The UAE's Cyber Security Council alerted Google Chrome users of a security update on Thursday. Google has released urgent security updates for Google Chrome to address a critical zero-day. The UAE Cyber Security Council has recommended applying the security updates and also circulating this information to subsidiaries and partners. The Cyber Security Council recommended that users update their Chrome browser to the latest version from Google. Google has released Chrome 137.0.7151.55/56 for Windows, Mac, and Linux, as well as Chrome 137.0.7151.51 for iOS. These vulnerabilities, if exploited, could allow remote attackers to execute arbitrary code, corrupt memory, bypass security restrictions, or cause denial of service (DoS). The Council also said that it appreciates the ongoing cooperation towards providing a secure digital system. Ø£ØµØ¯Ø±Ø° Ø¬Ù�Ø¬Ù� Ù�Ø¤Ø®Ø±Ù�Ø§Ø� Ø°ØØ¯Ù�Ø«Ø§Ø° Ø£Ù�Ù�Ù�Ø© Ø·Ø§Ø±Ø¦Ø© Ù�Ù�Ø°ØµÙ�Ø Ù�Ø±Ù�Ù� Ø� Ù�Ù�Ø¹Ø§Ù�Ø¬Ø© Ø§Ù�Ø«Ø°Ø±Ø§Ø° Ø§Ù�Ø£Ù�Ù�Ù�Ø©, Ù�Ø°Ø§ Ù�Ù�ØµÙ� Ù�Ø¬Ù�Ø³ Ø§Ù�Ø£Ù�Ù� Ø§Ù�Ø³Ù�Ø¨Ø±Ø§Ù�Ù� Ø¨Ø¶Ø±Ù�Ø±Ø© Ø°ØØ¯Ù�Ø« Ù�Ø°ØµÙ�Ø Ù�Ø±Ù�Ù� Ø§Ù�Ø®Ø§Øµ Ø¨Ø£Ø¬Ù�Ø²Ø°Ù�Ù� Ø¥Ù�Ù� Ø£ØØ¯Ø« Ø¥ØµØ¯Ø§Ø± Ù�Ù� Ù�Ø¨Ù� Ø¬Ù�Ø¬Ù�. Ù�Ù�Ø¥Ø·Ù�Ø§Ø¹ Ø¹Ù�Ù� Ø°Ù�Ø§ØµÙ�Ù� Ø§Ù�Ø«Ø°Ø±Ø§Ø° Ù�Ø±Ø¬Ù� Ù�Ø°Ø§Ø¨Ø¹Ø© Ø§Ù�Ø±Ø§Ø¨Ø· Ø§Ù�Ø°Ø§Ù�Ù�: â�¦ — Cyber Security Council (@cscgovae) May 29, 2025 The Council had also alerted Google Chrome users of a security update earlier, after Google released security updates to address multiple vulnerabilities in the Chrome browser. These vulnerabilities could potentially allow attackers to execute malicious code on affected system, the authority had said. The update included five security fixes and users could access the Chrome Security Page for more information.

Silicom Awarded $4M/Yr FPGA Smart NIC Design Win by New Fortune 500 Customer

Yahoo

5 days ago

Business
Yahoo

Silicom Awarded $4M/Yr FPGA Smart NIC Design Win by New Fortune 500 Customer

KFAR SAVA, Israel, May 28, 2025 /PRNewswire/ -- Silicom Ltd. (NASDAQ: SILC), a leading provider of networking and data infrastructure solutions, today announced that it has secured a major FPGA Smart NIC win from a new customer, a Fortune 500 cloud-based service provider located in North America. The customer selected the Silicom card after a year-long process which included a thorough technical evaluation. Silicom is currently in the process of customizing the card's off-the-shelf version to match the customer's exact requirements, and will then roll out production. Initial deliveries are scheduled to begin towards the end of 2025, followed by a ramp-up through 2026. Once the full run rate is achieved, revenues related to the Design Win are expected to reach $4 million per year. "We are proud and excited that such a large and influential customer has selected our FPGA Smart NIC, a testament to our innovation, reliability and the rock-solid performance of our technology," commented Liron Eizenman, Silicom's CEO. "The customer's tests demonstrated clearly the performance edge that they can achieve using our solution, helping it maintain its top-tier service even as data volumes and security risks multiply. Other customers are very interested in similar solutions and have already engaged us." Mr. Eizenman continued, "We believe this is the tip of the iceberg with this customer, and are already exploring opportunities to supply additional components and systems for massive worldwide deployment. We are aiming to build a long-term partnership in which they rely on us for a variety of strategic solutions, in line with our plan for building our business and shareholder value." About Silicom Silicom Ltd. is an industry-leading provider of high-performance networking and data infrastructure solutions. Designed primarily to improve performance and efficiency in Cloud and Data Center environments, Silicom's solutions increase throughput, decrease latency and boost the performance of servers and networking appliances, the infrastructure backbone that enables advanced Cloud architectures and leading technologies like NFV, SD-WAN and Cyber Security. Our innovative solutions for high-density networking, high-speed fabric switching, offloading and acceleration, which utilize a range of cutting-edge silicon technologies as well as FPGA-based solutions, are ideal for scaling-up and scaling-out cloud infrastructures. Silicom products are used by major Cloud players, service providers, telcos and OEMs as components of their infrastructure offerings, including both add-on adapters in the Data Center and stand-alone virtualized/universal CPE devices at the edge. Silicom's long-term, trusted relationships with more than 200 customers throughout the world, its more than 400 active Design Wins and more than 300 product SKUs have made Silicom a "go-to" connectivity/performance partner of choice for technology leaders around the globe. For more information, please visit: Statements in this press release which are not historical data are forward-looking statements which involve known and unknown risks, uncertainties, or other factors not under the company's control, which may cause actual results, performance, or achievements of the company to be materially different from the results, performance, or other expectations implied by these forward-looking statements. These factors include, but are not limited to, Silicom's increasing dependence for substantial revenue growth on a limited number of customers, the speed and extent to which Silicom's solutions are adopted by the relevant markets, difficulty in commercializing and marketing of Silicom's products and services, maintaining and protecting brand recognition, protection of intellectual property, competition, disruptions to its manufacturing, sales & marketing, development and customer support activities, the impact of the wars in Gaza and in the Ukraine, attacks on shipping by Huthis in the Red Sea, rising inflation, rising interest rates and volatile exchange rates, as well as any continuing or new effects resulting from the COVID-19 pandemic, and the global economic uncertainty, which may impact customer demand by encouraging them to exercise greater caution and selectivity with their short-term IT investment plans. The factors noted above are not exhaustive. Further information about the company's businesses, including information about factors that could materially affect Silicom's results of operations and financial condition, are discussed in our Annual Report on Form 20-F and other documents filed by the Company and that may be subsequently filed by the company from time to time with the SEC. These forward-looking statements can generally be identified as such because the context of the statement will include words such as "expect," "should," "believe," "anticipate" or words of similar import. Similarly, statements that describe future plans, objectives or goals are also forward-looking statements. In light of significant risks and uncertainties inherent in forward-looking statements, the inclusion of such statements should not be regarded as a representation by the company that it will achieve such forward-looking statements. The company disclaims any duty to update such statements, whether as a result of new information, future events, or otherwise. Company Contact:Eran Gilad, CFOSilicom +972-9-764-4555E-mail: erang@ Investor Relations Contact:Ehud HelftEK Global Investor RelationsTel: +1 212 378 8040E-mail: silicom@ Logo: View original content: SOURCE Silicom Ltd. Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data

New Windows Server 2025 Attack Compromises Any Active Directory User

Forbes

21-05-2025

Forbes

New Windows Server 2025 Attack Compromises Any Active Directory User

New Windows Server 2025 vulnerability confirmed. Although you are far more likely to read about vulnerabilities impacting the Windows operating system, including those that have long since reached end-of-support status such as Windows 7, this doesn't mean that Windows Server users are not in the crosshairs of threat actors. Far from it, and not just legacy versions either, as security researchers reveal a new, and trivial to implement, Windows Server 2025 vulnerability that could compromise any Active Directory user. Here's what you need to know. Privilege escalation vulnerabilities are among the worst you can be faced with, as, rather obviously, they enable a successful attacker to do way more than they should be able to given the lack of permissions they started with. Yuval Gordon, a senior security researcher at Akamai Technologies, has exclusively shared details of a particularly concerning privilege escalation vulnerability impacting Windows Server 2025. Not only because, as Gordon explained, it allows an attacker to 'compromise any user in Active Directory,' but also as it 'works with the default configuration, and is trivial to implement.' If you thought things couldn't get any worse, you'd be wrong: no patch is currently available. Akamai has named the vulnerability and associated exploit as BadSuccessor, and confirmed that it abuses the delegated Managed Service Account feature introduced with Windows Server 2025. 'In 91% of the environments we examined,' Gordon said, 'we found users outside the domain admins group that had the required permissions to perform this attack.' BadSuccessor might be trivial to implement, but the consequences of a successful attack are far from the same. Full attack flow, showing all steps needed to have a BadSuccessor. A key feature of dMSA is the ability to migrate existing and non-managed service accounts by seamlessly converting them into dMSAs, and it's this that is the issue. 'By abusing dMSAs, attackers can take over any principal in the domain,' Gordon said. All an attacker needs to be able to exploit the BadSuccessor vulnerability is a seemingly benign permission on any organizational unit in the domain. Here's the real killer though: as long as you have one Windows Server 2025 domain controller, your domain doesn't even need to be using dMSAs at all, the exploit will work anyway. I would advise every Windows Server administrator to read the full report in its entirety, and as a matter of some urgency. In the meantime, I spoke with Yuval Gordon who reiterated that BadSuccessor is not only 'so dangerous because the attack is so simple,' but added that Akamai researchers were 'surprised that we were first to discover it.' The only good news, such as it is, would be that there is no evidence to conclusively show that BadSuccessor has been exploited by attackers in the wild at this point, but given that 'most organisations aren't currently monitoring the relevant events,' Gordon said it's hard to say for certain . Gordon recommended that organizations and admins need to identify which users have the specific permissions that make this attack possible, and, having done so, review and remove unnecessary permissions. 'We're releasing a PowerShell script alongside the blog post to help with that,' Gordon told me, so that would be a good starting point. 'It highlights exactly which users have risky access so defenders know where to focus,' Gordon concluded. I reached out to Microsoft for a statement, and a spokesman said: 'We appreciate Akamai for identifying and responsibly reporting this issue. After careful investigation, this case was rated as a Moderate severity that does not meet our bar for immediate servicing, as the technique requires elevated user permissions to be successful. We will look to address this issue in a future update.' Microsoft also said that for BadSuccessor to be successful, an attacker would require access to the msds-groupMSAMembership attribute of the dMSA. This attribute allows the user to utilize the The attacker needs write access to this attribute, which allows them to specify a user, such as an administrator, that the dMSA can act on behalf of. All users of Windows Server 2025 are advised to take action and protect against the threat until Microsoft issues a fix.

Technical.ly

16-05-2025

Business
Technical.ly

Cyber Security Workshop

Join us for an exciting opportunity! Are you interested in a career in cyber security? Whether you're a student, a recent graduate, or an adult looking for a career change, this event is designed for you! The Be. Org, in partnership with Jump Start to Tech and The Mill on North , invites you to our Cyber Security Career Pathways event. Event Highlights: Explore the Cyber Security Field: Gain insights into the rapidly growing world of cyber security and understand the skills needed to thrive in this essential industry. Create Your Roadmap: Our experts will guide you in developing a personalized roadmap to your cyber security career, outlining the steps you need to take to achieve your goals. Free Training Opportunities: Discover our partnership with Jump Start to Tech, offering a free pipeline to cyber security training. Learn about the resources and support available to kickstart your journey in this dynamic field. Networking Opportunities: Connect with industry professionals, educators, and fellow participants who share your passion for stem tech and cyber security. Food and Drink: Small bites and drinks will be served. Event Details: Date: Wednesday, May 21, 2025 Time: 4:00PM- 7:00PM Location: The Mill on North , 2636 W North Ave, Baltimore, MD 21216 Don't miss this chance to unlock the potential to a career in a highly sought, highly paying, and highly growing field!