Author: nlqip
May 09, 2024NewsroomNetwork Security / Botnet Two recently disclosed security flaws in Ivanti Connect Secure (ICS) devices are being exploited to deploy the infamous Mirai botnet. That’s according to findings from Juniper Threat Labs, which said the vulnerabilities CVE-2023-46805 and CVE-2024-21887 have been leveraged to deliver the botnet payload. While CVE-2023-46805 is an authentication bypass…
Read More
May 09, 2024The Hacker NewsvCISO / Regulatory Compliance Cybersecurity and compliance guidance are in high demand among SMEs. However, many of them cannot afford to hire a full-time CISO. A vCISO can answer this need by offering on-demand access to top-tier cybersecurity expertise. This is also an opportunity for MSPs and MSSPs to grow their…
Read More
“We regularly see attempted attacks and rumors circulating, but it is crucial to rely only on official communications from Zscaler itself to get factual updates and information,” the employee had said. The rumors started after the notorious Serbian threat actor named IntelBroker offered to sell access to a cybersecurity company with a revenue of $1.8…
Read More
A medical lab that specialises in cancer screenings has admitted to an alarming data breach that left sensitive patient information exposed for years – and accessible by unauthorised parties. California-based Guardant Health is notifying affected individuals that information related to samples collected in late 2019 and 2020 was “inadvertently” left exposed online to the general…
Read More
Cybersecurity analysts point out that we are seeing a departure from traditional approaches. Traditional cybersecurity solutions have been limited to either time-driven or point-driven security, noted Faisal Kawooza, chief analyst at Techarc. This means they could only defend against cyberthreats that their systems had already recognized, understood, and formulated defenses against. “As we see the…
Read More
May 09, 2024NewsroomFirewall / Network Security Two security vulnerabilities have been discovered in F5 Next Central Manager that could be exploited by a threat actor to seize control of the devices and create hidden rogue administrator accounts for persistence. The remotely exploitable flaws “can give attackers full administrative control of the device, and subsequently allow…
Read More
Update 5/8/24: Out original article was updated to include new information about a breached “test” environment. Zscaler says that they discovered an exposed “test environment” that was taken offline for analysis after rumors circulated that a threat actor was selling access to the company’s systems. In a Wednesday afternoon post, Zscaler initially stated that its ongoing…
Read More
Zscaler says that today’s rumors it was breached are false after a threat actor claimed to be selling access to one of the “largest cyber security companies.” In a Wednesday afternoon post, Zscaler said its ongoing investigation has shown no evidence that they were breached. “Zscaler is aware of a public X (formerly known as Twitter) post by a threat actor…
Read More
Vendors including Palo Alto Networks, Trellix and Proofpoint debuted new AI-powered security tools and capabilities this week during the conference. Without a doubt, this year’s RSA Conference in San Francisco has lived up to expectations when it comes to the focus on generative AI. RSAC 2024 has seen countless vendors unveil new security tools and…
Read More
The nonprofit and Catholic health system said that on May 8 it ‘detected unusual activity on select technology network systems.’ Ascension, a health system with 140 hospitals and operations in 19 states and Washington, D.C., said that its clinical operations were disrupted after it discovered “unusual activity” on some of its network systems Wednesday. The…
Read More