Month: June 2024
Jun 10, 2024NewsroomPhishing Attack / Cybercrime Cybersecurity researchers have spotted a phishing attack distributing the More_eggs malware by masquerading it as a resume, a technique originally detected more than two years ago. The attack, which was unsuccessful, targeted an unnamed company in the industrial services industry in May 2024, Canadian cybersecurity firm eSentire disclosed last…
Read More
Zero trust has transformed cybersecurity by eliminating reliance on traditional perimeter defenses, especially in an era of remote work, cloud services, and advanced cyber threats. Coined in 2009 by Forrester analyst John Kindervag, zero trust operates on the principle of “Never trust, always verify.” It emphasizes strict identity and access management, secure key management, and…
Read MoreTry Tenable Web App Scanning Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.…
Read More
Gary Steele, who serves as Splunk general manager in addition to his Cisco post, says in an interview with CRN that a major focus for him is not allowing the nitty-gritty of the ongoing Cisco-Splunk integration to disrupt Splunk’s track record of innovation. In mid-March Cisco Systems completed its $28 billion acquisition of Splunk in…
Read More
‘Belcan’s deep engineering capabilities and domain expertise across the aerospace and defense market will be complemented by Cognizant’s scale and own multidecade digital engineering expertise, providing Belcan’s blue-chip client roster access to our advanced AI, cloud and data technologies,’ says Cognizant CEO Ravi Kumar. Solution provider powerhouse Cognizant is acquiring engineering services specialist Belcan for…
Read More10up–ElasticPress Cross-Site Request Forgery (CSRF) vulnerability in 10up ElasticPress.This issue affects ElasticPress: from n/a through 5.1.0. 2024-06-08 4.3 CVE-2024-35684audit@patchstack.com 10up–Restricted Site Access Authentication Bypass by Spoofing vulnerability in 10up Restricted Site Access allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Restricted Site Access: from n/a through 7.4.1. 2024-06-04 5.3 CVE-2023-48753audit@patchstack.com 10Web Form Builder…
Read More
Terms of the acquisition deal for Lacework, which had once been valued at $8.3 billion, weren’t disclosed. Fortinet announced Monday it has reached an agreement to acquire cloud security firm Lacework in a significant consolidation deal for the cybersecurity industry. The terms of the deal, which is expected to be completed in the second half…
Read More
Privacy authorities in Canada and the United Kingdom have launched a joint investigation to assess the scope of sensitive customer information exposed in last year’s 23andMe data breach. The Privacy Commissioner of Canada and The Information Commissioner’s Office (ICO) will also look into whether the company had adequate safeguards to secure customer data stored on…
Read More
The company has become one of the few pure-play cybersecurity vendors to join the benchmark index. CrowdStrike shares surged Monday after the cybersecurity giant was added to the S&P 500 index. As of this writing Monday morning, CrowdStrike’s stock price was up 8 percent to $376.96 a share. [Related: Analysis: CrowdStrike Strikes Back In Platform,…
Read More
Google has revealed that it took down 1,320 YouTube channels and 1,177 Blogger blogs as part of a coordinated influence operation connected to the People’s Republic of China (PRC). “The coordinated inauthentic network uploaded content in Chinese and English about China and U.S. foreign affairs,” Google Threat Analysis Group (TAG) researcher Billy Leonard said in…
Read More