CrushFTP warned customers today in a private memo of an actively exploited zero-day vulnerability fixed in new versions released today, urging them to patch their servers immediately. As the company also explains in a public security advisory published on Friday, this zero-day bug enables unauthenticated attackers to escape the user’s virtual file system (VFS) and…

Read More

On November 9, 2022 Twitter CISO Lea Kissner resigned along with the company’s chief privacy officer and its chief compliance officer. The Washington Post and other media outlets reported that internal Slack messages at Twitter revealed serious concerns that new leadership was pushing for the release of products and changes without effective security reviews—and that…

Read More

Published by Aghiath Chbib Results-oriented, adaptable, established executive equipped with 20 years of success driving global business in large, multimillion-dollar organizations and private start-ups. Extensive experience spearheading operations within complex, technology-driven environments ensuring adherence to organizational strategies and best practices. Expert at building and directing high- performing, cross-functional teams with a focus on leadership, collaboration,…

Read More

MS-ISAC ADVISORY NUMBER: 2024-014 DATE(S) ISSUED: 01/30/2024 OVERVIEW: A vulnerability has been discovered in Trend Micro uiAirSupport, that could allow for arbitrary code execution. Trend Micro uiAirSupport is a support tool product made by Trend Micro. Successful exploitation of this vulnerability could allow for arbitrary code execution in the context of the affected service account.…

Read More

When dealing with compliance regulations, each organization can face a variety of potential risks. Without having a full understanding of an organization’s risk exposure, critical systems and data will be at risk for attacks or data leakage. The Center for Internet Security (CIS) developed a series of best practice benchmarks for a variety of applications,…

Read More

To ensure the most complete information about the security posture of assets, organizations should use scans that make use of credentials. Scans that use credentials and successfully authenticate on a system (and run with Local Security Checks enabled) return a much more comprehensive set of data about the system. This Assurance Report Card (ARC) provides the ability…

Read More

Data Privacy vs Data Security: Why you Need to Know the Difference Protecting data from cyberthreats such as hackers and unauthorized access is essential in today’s environment. Whether this is guarding it against attackers that seek to steal data for ransom or making sure only authorized personnel have access to highly sensitive details such as…

Read More

G42 ‘will run its AI applications and services on Microsoft Azure’ as part of the deal. Microsoft plans to invest $1.5 billion in an artificial intelligence company based in the United Arab Emirates in exchange for a minority stake and a board of directors seat for Microsoft Vice Chair and President Brad Smith. The Redmond,…

Read More

Tenable®, the Exposure Management company, announced the recipients of its 2024 Global Partner Awards, a distinction that honors channel partners for their excellence and dedication to helping organizations worldwide better reduce cyber risk. The fourth annual Global Partner Awards includes nine categories that recognize technology, distributors, resellers, systems integrators, and MSSP partners for their achievements…

Read More

Try Tenable Web App Scanning Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.…

Read More