The Hacker News

VMware Alert: Uninstall EAP Now - Critical Flaw Puts Active Directory at Risk

VMware is urging users to uninstall the deprecated Enhanced Authentication Plugin (EAP) following the discovery of a critical security flaw. Tracked as CVE-2024-22245 (CVSS score: 9.6), the vulnerability has been described as an arbitrary authentication relay bug. "A malicious actor could trick a target domain user with EAP installed in their web browser into requesting and relaying

The Hacker News

LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In

Multiple threat actors, including LockBit ransomware affiliates, are actively exploiting a recently disclosed critical security flaw in Citrix NetScaler application delivery control (ADC) and Gateway appliances to obtain initial access to target environments. The joint advisory comes from the U.S. Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI),

WIRED

Top US Spies Meet With Privacy Experts Over Surveillance 'Crown Jewel'

Civil rights groups say efforts to get US intelligence agencies to adopt privacy reforms have largely failed. Without those changes, renewal of a post-911 surveillance policy may be doomed.

The Hacker News

The Hidden Dangers of Public Wi-Fi

Public Wi-Fi, which has long since become the norm, poses threats to not only individual users but also businesses. With the rise of remote work, people can now work from virtually anywhere: a cafe close to home, a hotel in a different city, or even while waiting for a plane at the airport. Next, let's explore the risks of connecting to public Wi-Fi, both for you personally and for businesses.