Tag: network security
May 08, 2024NewsroomWeb Security / Vulnerability A high-severity flaw impacting the LiteSpeed Cache plugin for WordPress is being actively exploited by threat actors to create rogue admin accounts on susceptible websites. The findings come from WPScan, which said that the vulnerability (CVE-2023-40000, CVSS score: 8.3) has been leveraged to set up bogus admin users with…
Read More
The U.K. National Crime Agency (NCA) has unmasked the administrator and developer of the LockBit ransomware operation, revealing it to be a 31-year-old Russian national named Dmitry Yuryevich Khoroshev. In addition, Khoroshev has been sanctioned by the U.K. Foreign, Commonwealth and Development Office (FCD), the U.S. Department of the Treasury’s Office of Foreign Assets Control…
Read More
May 07, 2024NewsroomVulnerability / Network Security The MITRE Corporation has offered more details into the recently disclosed cyber attack, stating that the first evidence of the intrusion now dates back to December 31, 2023. The attack, which came to light last month, singled out MITRE’s Networked Experimentation, Research, and Virtualization Environment (NERVE) through the exploitation…
Read More
The Iranian state-backed hacking outfit called APT42 is making use of enhanced social engineering schemes to infiltrate target networks and cloud environments. Targets of the attack include Western and Middle Eastern NGOs, media organizations, academia, legal services and activists, Google Cloud subsidiary Mandiant said in a report published last week. “APT42 was observed posing as…
Read More
At RSA Conference 2024 this week, vendors are showcasing new products in categories including SASE, security operations and application security — with many touting newly released, GenAI-powered cybersecurity capabilities. Big RSAC Product Announcements Even as the cybersecurity industry continues to maintain its rapid growth pace — leading many vendors to roll out product announcements throughout…
Read More
May 07, 2024The Hacker NewsRegulatory Compliance / Cyber Threat How safe is your comments section? Discover how a seemingly innocent ‘thank you’ comment on a product page concealed a malicious vulnerability, underscoring the necessity of robust security measures. Read the full real-life case study here. When is a ‘Thank you’ not a ‘Thank you’? When…
Read More
May 07, 2024NewsroomOnline Security / Data Breach Google on Monday announced that it’s simplifying the process of enabling two-factor authentication (2FA) for users with personal and Workspace accounts. Also called, 2-Step Verification (2SV), it aims to add an extra layer of security to users’ accounts to prevent takeover attacks in case the passwords are stolen.…
Read More
May 07, 2024NewsroomCryptocurrency / Cybercrime A Russian operator of a now-dismantled BTC-e cryptocurrency exchange has pleaded guilty to money laundering charges from 2011 to 2017. Alexander Vinnik, 44, was charged in January 2017 and taken into custody in Greece in July 2017. He was subsequently extradited to the U.S. in August 2022. Vinnik and his…
Read More
Abacus Group, NexusTek, Astrica, Wipro, HP, Microsoft and Saviynt were among the tech companies making key executive hires and moves during April 2024. New CEOs at Abacus Group, NexusTek, Astrica and Wipro were some of the biggest executive moves last month. Anthony D’Ambrosi, formerly of ATSG; Hamilton Yu; Vicky Papa, formerly of NTT Data; and…
Read More
‘I think of it as an entrepreneurial way to be in a global market as a leader on day one with one of the biggest partners in the world. We really want to be that hub in the security industry [for] providing really advanced cyber solutions,’ LevelBlue’s CEO Bob McCullen tells CRN on the company’s…
Read More