Try Tenable Web App Scanning Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.…
Read More
‘We really preach that if a client is compliant that does not mean that it’s secured and vice versa,’ says Royi Barnea, vice president of channel sales at Cynomi. Offering virtual CISO services can help MSPs improve the cybersecurity and compliance postures of customers of any size. That’s the message from Royi Barnea, vice president…
Read More
Today, Ivanti urged customers to patch a critical authentication bypass vulnerability impacting Virtual Traffic Manager (vTM) appliances that can let attackers create rogue administrator accounts. Ivanti vTM is a software-based application delivery controller (ADC) that provides app-centric traffic management and load balancing for hosting business-critical services. Tracked as CVE-2024-7593, this auth bypass vulnerability is due…
Read More
Scams Here’s how to spot and dodge scams when searching for stuff on the classified ads website that offers almost everything under the sun 12 Aug 2024 • , 5 min. read People have been buying and selling items on Craigslist for nearly three decades. As a platform for digital classified ads, its utility is…
Read More
Privacy What if your favorite dating, social media or gaming app revealed your exact coordinates to someone you’d rather keep at a distance? 12 Aug 2024 • , 3 min. read In today’s digital age, geolocation features in many apps offer undeniable convenience. Just before writing this blog, I needed to locate some materials for…
Read More
Aug 13, 2024Ravie LakshmananHealthcare / Vulnerability Cybersecurity researchers have discovered two security flaws in Microsoft’s Azure Health Bot Service that, if exploited, could permit a malicious actor to achieve lateral movement within customer environments and access sensitive patient data. The critical issues, now patched by Microsoft, could have allowed access to cross-tenant resources within the…
Read More
Learn why the broad use of gen AI copilots will inevitably increase data breaches This scenario is becoming increasingly common in the gen AI era: a competitor somehow gains access to sensitive account information and uses that data to target the organization’s customers with ad campaigns. The organization had no idea how the data was obtained.…
Read More
Arctiq, Aviatrix, Optiv, AWS, Salesforce and OpenText were among the tech companies making key executive hires and moves in July 2024. A new chief revenue officer at Arctiq. A new chief technology officer at Aviatrix. And a new senior vice president of partners, alliances and ecosystems at Optiv. Chris McMillen, formerly of Ahead; Anirban Sengupta,…
Read More
Aug 13, 2024Ravie LakshmananVulnerability / Hardware Security A team of researchers from the CISPA Helmholtz Center for Information Security in Germany has disclosed an architectural bug impacting Chinese chip company T-Head’s XuanTie C910 and C920 RISC-V CPUs that could allow attackers to gain unrestricted access to susceptible devices. The vulnerability has been codenamed GhostWrite. It…
Read More
Belarusian-Ukrainian national Maksim Silnikau was arrested in Spain and extradited to the USA to face charges for creating the Ransom Cartel ransomware operation in 2021 and for running a malvertising operation from 2013 to 2022. The threat actor operated under the aliases “J.P. Morgan,” “xxx,” and “lansky” on Russian-speaking hacking forum, where he allegedly promoted the cybercrime operations.…
Read More