Google Warns of Pixel Firmware Zero-Day Under Limited, Targeted Exploitation

The zero-day is tagged as CVE-2024-32896 and described as an elevation of privilege issue in Pixel Firmware.
The post Google Warns of Pixel Firmware Zero-Day Under Limited, Targeted Exploitation appeared first on SecurityWeek.
Continue reading Google Warns of Pixel Firmware Zero-Day Under Limited, Targeted Exploitation

Patch Tuesday: Remote Code Execution Flaw in Microsoft Message Queuing

The Windows vulnerability carries a CVSS severity score of 9.8/10 and can be exploited by via specially crafted malicious MSMQ packets.
The post Patch Tuesday: Remote Code Execution Flaw in Microsoft Message Queuing appeared first on SecurityWeek.
Continue reading Patch Tuesday: Remote Code Execution Flaw in Microsoft Message Queuing

Fortinet Expands Cloud Security Portfolio with Lacework Acquisition

Fortinet announces plans to acquire Lacework, a late-stage cloud security startup that was once listed as a “unicorn” company valued north of $1 billion.
The post Fortinet Expands Cloud Security Portfolio with Lacework Acquisition appeared first on Sec… Continue reading Fortinet Expands Cloud Security Portfolio with Lacework Acquisition

Microsoft Bows to Public Pressure, Disables Controversial Windows Recall by Default

Amidst public pressure, Microsoft changes the set-up experience of Copilot+ PCs to disable the controversial Windows Recall feature by default.
The post Microsoft Bows to Public Pressure, Disables Controversial Windows Recall by Default appeared first… Continue reading Microsoft Bows to Public Pressure, Disables Controversial Windows Recall by Default

Tenable to Acquire Eureka Security to Boost DSPM Capabilities

Tenable goes shopping again in Israel with plans to buy early stage startup Eureka Security to boost data security posture management tooling.
The post Tenable to Acquire Eureka Security to Boost DSPM Capabilities appeared first on SecurityWeek.
Continue reading Tenable to Acquire Eureka Security to Boost DSPM Capabilities

Cloudflare Expands Zero Trust Capabilities with Acquisition of BastionZero

Cloudlfare acquires Boston seed-stage startup BastionZero to bolster its Zero Trust Network Access technology portfolio.
The post Cloudflare Expands Zero Trust Capabilities with Acquisition of BastionZero appeared first on SecurityWeek.
Continue reading Cloudflare Expands Zero Trust Capabilities with Acquisition of BastionZero

Microsoft’s Windows Recall: Cutting-Edge Search Tech or Creepy Overreach?

SecurityWeek editor-at-large Ryan Naraine examines the broad tension between tech innovation and privacy rights at a time when ChatGPT-like bots and generative-AI apps are starting to dominate the landscape. 
The post Microsoft’s Windows Recall: … Continue reading Microsoft’s Windows Recall: Cutting-Edge Search Tech or Creepy Overreach?