Month: July 2024
SEC cyber incident reporting requirements: In 2023, the US Securities and Exchange Commission (SEC) adopted rules requiring registrants to disclose material cybersecurity incidents they experience within four days of determining their materiality and to disclose material information regarding their cybersecurity risk management, strategy, and governance every year. However, as the Center for Cybersecurity Law and…
Read More
In an interview with CRN, HP commercial PC leader Guayente Sanmartin and colleague Alex Thatcher explain why Qualcomm’s new Snapdragon X processors for PCs will have ‘much more success’ with business customers than previous efforts but adoption will take ‘a lot of time.’ The head of HP Inc.’s commercial PC business said Qualcomm’s latest effort…
Read MoreTry Tenable Web App Scanning Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.…
Read More
Google has launched kvmCTF, a new vulnerability reward program (VRP) first announced in October 2023 to improve the security of the Kernel-based Virtual Machine (KVM) hypervisor that comes with $250,000 bounties for full VM escape exploits. KVM, an open-source hypervisor with over 17 years of development, is a crucial component in consumer and enterprise settings, powering…
Read More
Recently patched vulnerabilities in a software dependency management tool used by developers of applications for Apple’s iOS and MacOS platforms, could have opened the door for attackers to insert malicious code into many of the most popular apps on those platforms. One particular security weakness in the CocoaPods dependency manager created a mechanism for hackers…
Read More
Patelco Credit Union has disclosed it experienced a ransomware attack that led to the proactive shutdown of several of its customer-facing banking systems to contain the incident’s impact. Patelco is an American credit union with assets exceeding $9 billion. It offers a wide range of financial services, including checking and savings accounts, loans, credit cards, investment…
Read More
Buy now, pay later loan company Affirm is warning that holders of its payment cards had their personal information exposed due to a data breach at its third-party issuer, Evolve Bank & Trust (Evolve). Affirm is a fintech firm that provides consumer-friendly alternatives to traditional credit options. It also offers point-of-sale financing, virtual cards on…
Read MoreCISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog…
Read MoreJuniper Networks released a security bulletin to address a vulnerability in Junos OS: SRX Series. A cyber threat actor could exploit this vulnerability to cause a denial-of-service condition. Users and administrators are encouraged to review the following and apply the necessary updates: Source link lol
Read More
From handshake deals to digital pat-downs, the rental market is filled with great opportunities (that is, for scammers). Our very own producer, Andrew Steven recently got some first-hand experience when he and his partner tried to find a new place. We talked to real estate professionals–one rents a cottage, another has a slightly bigger portfolio…
Read More