Source: securityaffairs.com – Author: Pierluigi Paganini US Government and defense contractor Belcan left its super admin credentials open to the public, Cybernews research team reveals. Belcan...
Month: August 2023
Akira ransomware gang spotted targeting Cisco VPN products to hack organizations – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini The Akira ransomware gang targets Cisco VPN products to gain initial access to corporate networks and steal their data. The...
Snatch gang claims the hack of the Department of Defence South Africa – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Snatch gang claims the hack of the Department of Defence South Africa and added the military organization to its leak...
CISA adds critical Adobe ColdFusion flaw to its Known Exploited Vulnerabilities catalog – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini US CISA added critical vulnerability CVE-2023-26359 in Adobe ColdFusion to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA)...
A cyber attack hit the Australian software provider Energy One – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini The Australian software provider Energy One announced it was hit by a cyberattack last week that affected certain corporate systems...
More Than Half of Browser Extensions Pose Security Risks – Source: www.darkreading.com
Source: www.darkreading.com – Author: Jai Vijayan, Contributing Writer, Dark Reading Many browser extensions that organizations permit employees to use when working with SaaS apps such as...
Grip Security Raising $41M Series B Led by Third Point Ventures – Source: www.darkreading.com
Source: www.darkreading.com – Author: 1 BOSTON — (BUSINESS WIRE) — Grip Security, a leader in SaaS identity risk management, today announced it is raising $41 million...
Forescout Joins MISA and Announces Integration With Microsoft Sentinel – Source: www.darkreading.com
Source: www.darkreading.com – Author: 1 San Jose, CA. August 22, 2023 – Forescout, a global cybersecurity leader, today announced integrations with Microsoft Sentinel as part of a...
Absolute Dental Services Notifies Patients of Data Security Incident – Source: www.darkreading.com
Source: www.darkreading.com – Author: 1 DURHAM, N.C., Aug. 22, 2023 /PRNewswire/ — Absolute Dental Services (“ADS”) is a dental laboratory which experienced a data security incident that may...
Adobe Patches Critical Deserialization Vulnerability, but Exploits Persist – Source: www.darkreading.com
Source: www.darkreading.com – Author: Dark Reading Staff, Dark Reading CISA has added a vulnerability — cataloged as CVE-2023-26359 — to the Known Exploited Vulnerabilities Catalog with a CVSS...
Controversial Cybercrime Law Passes in Jordan – Source: www.darkreading.com
Source: www.darkreading.com – Author: Dan Raywood, Senior Editor, Dark Reading The Jordanian government has passed a new cybercrime law despite global criticism over its content and...
Newer, Better XLoader Signals a Dangerous Shift in macOS Malware – Source: www.darkreading.com
Source: www.darkreading.com – Author: Nate Nelson, Contributing Writer, Dark Reading A new Mac-oriented variant of the XLoader infostealer spread widely in the wild last month, signaling...
Software Makers May Face Greater Liability in Wake of MOVEit Lawsuit – Source: www.darkreading.com
Source: www.darkreading.com – Author: Elizabeth Montalbano, Contributor, Dark Reading A nationwide class-action suit filed against Progress Software in the wake of the massive MOVEit breach could...
When Leadership Style Is a Security Risk – Source: www.darkreading.com
Source: www.darkreading.com – Author: Tyler Farrar, CISO, Exabeam Effective leaders have the power to motivate, inspire, encourage, and guide their teams. While C-suite leadership may receive...
The Physical Impact of Cyberattacks on Cities – Source: www.darkreading.com
Source: www.darkreading.com – Author: Tracy Reinhold, Chief Security Officer, Everbridge In 2022, 106 local US governments experienced ransomware attacks, an increase from 77 in 2021. Cities...
Cuba Ransomware Exploits Veeam Vulnerability – Source: www.govinfosecurity.com
Source: www.govinfosecurity.com – Author: 1 Fraud Management & Cybercrime , Ransomware The Attack Accesses an Exposed API on a Component of the Veeam Application Prajeet Nair...
Monti Ransomware Deploying New Linux Encryptor – Source: www.govinfosecurity.com
Source: www.govinfosecurity.com – Author: 1 Fraud Management & Cybercrime , Ransomware More Ransomware Groups Targeting Linux Systems Akshaya Asokan (asokan_akshaya) • August 22, 2023 ...
BlackCat Ransomware Group Targets Japanese Watchmaker Seiko – Source: www.govinfosecurity.com
Source: www.govinfosecurity.com – Author: 1 Fraud Management & Cybercrime , Governance & Risk Management , Operational Technology (OT) Seiko Hints at Data Breach But Declines to...
New Zero-Day Bug Affects All Versions of Ivanti Sentry – Source: www.govinfosecurity.com
Source: www.govinfosecurity.com – Author: 1 Endpoint Security Zero-Day Can Be Exploited by Chaining It With Last Month’s Ivanti MobileIron Bugs Mihir Bagwe (MihirBagwe) • August 22,...
Applying AI to License Plate Surveillance – Source: www.schneier.com
Source: www.schneier.com – Author: Bruce Schneier License plate scanners aren’t new. Neither is using them for bulk surveillance. What’s new is that AI is being used...
Smart light bulbs could give away your password secrets – Source: nakedsecurity.sophos.com
Source: nakedsecurity.sophos.com – Author: Paul Ducklin A trio of researchers split between Italy and the UK have recently published a paper about cryptographic insecurities they found...
Scraped data of 2.6 million Duolingo users released on hacking forum – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Lawrence Abrams The scraped data of 2.6 million DuoLingo users was leaked on a hacking forum, allowing threat actors to conduct targeted...
New Windows 11 policy lets admins control optional updates installation – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Sergiu Gatlan Microsoft now provides administrators with a new Windows 11 policy that controls how monthly non-security preview updates are installed on...
Windows 11 KB5029351 preview update released with Search fixes – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Sergiu Gatlan Microsoft has released the optional August 2023 cumulative update for Windows 11, version 22H2, with fixes for several issues affecting...
New HiatusRAT malware attacks target US Defense Department – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Sergiu Gatlan In a new HiatusRAT malware campaign, threat actors have targeted a server belonging to the U.S. Department of Defense in...
Microsoft Excel to let you run Python scripts as formulas – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Lawrence Abrams Microsoft is adding the Python programming language to Microsoft Excel, allowing users to create powerful functions for analyzing and manipulating...
Akira ransomware targets Cisco VPNs to breach organizations – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas There’s mounting evidence that Akira ransomware targets Cisco VPN (virtual private network) products as an attack vector to breach corporate...
Carderbee hacking group hits Hong Kong orgs in supply chain attack – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Image: Midjourney A previously unidentified APT hacking group named ‘Carderbee’ was observed attacking organizations in Hong Kong and other regions...
What Is Adaptive Authentication? – Source: securityboulevard.com
Source: securityboulevard.com – Author: HYPR Team Authentication security remains a significant vulnerability in most organizations’ security posture. Even individuals without technical expertise can easily acquire and...
DigitalOcean Simplifies New Acquisitions with Supply Chain Security – Source: securityboulevard.com
Source: securityboulevard.com – Author: Chris Garland Yes, we have specific objectives for uptime and recovery Yes, we talk about resilience, but don’t have specific objectives It’s...