Tag: network security
Sep 06, 2024Ravie LakshmananWordPress / Webinar Security Cybersecurity researchers have discovered yet another critical security flaw in the LiteSpeed Cache plugin for WordPress that could allow unauthenticated users to take control of arbitrary accounts. The vulnerability, tracked as CVE-2024-44000 (CVSS score: 7.5), impacts versions before and including 6.4.1. It has been addressed in version 6.5.0.1.…
Read More
Sep 06, 2024Ravie LakshmananPrivacy / Data Security Telegram CEO Pavel Durov has broken his silence nearly two weeks after his arrest in France, stating the charges are misguided. “If a country is unhappy with an internet service, the established practice is to start a legal action against the service itself,” Durov said in a 600-word…
Read More
Sep 06, 2024Ravie LakshmananCybersecurity / Vulnerability A new security flaw has been addressed in the Apache OFBiz open-source enterprise resource planning (ERP) system that, if successfully exploited, could lead to unauthenticated remote code execution on Linux and Windows. The high-severity vulnerability, tracked as CVE-2024-45195 (CVSS score: 7.5), affects all versions of the software before 18.12.16.…
Read More
Sep 05, 2024Ravie LakshmananThreat Prevention / Software Security Veeam has shipped security updates to address a total of 18 security flaws impacting its software products, including five critical vulnerabilities that could result in remote code execution. The list of shortcomings is below – CVE-2024-40711 (CVSS score: 9.8) – A vulnerability in Veeam Backup & Replication…
Read More
Sep 05, 2024Ravie LakshmananMalware / Human Rights Unnamed government entities in the Middle East and Malaysia are the target of a persistent cyber campaign orchestrated by a threat actor known as Tropic Trooper since June 2023. “Sighting this group’s [Tactics, Techniques, and Procedures] in critical governmental entities in the Middle East, particularly those related to…
Read More
[‘Frontier] will build on Verizon’s two decades of leadership at the forefront of fiber and is an opportunity to become more competitive in more markets throughout the United States, enhancing our ability to deliver premium offerings to millions more customers across a combined fiber network,’ says Verizon CEO Hans Vestberg. Verizon is acquiring Frontier Communications…
Read More
The U.S. Department of Justice (DoJ) on Wednesday announced the seizure of 32 internet domains used by a pro-Russian propaganda operation called Doppelganger as part of a sweeping set of actions. Accusing the Russian government-directed foreign malign influence campaign of violating U.S. money laundering and criminal trademark laws, the agency called out companies Social Design…
Read More
“It’s a perfect fit for our platform,” Kiteworks SVP Amit Toren told CRN in an interview. Kiteworks has purchased 123FormBuilder in a move that promises to boost the data privacy and compliance tools vendor’s secure data collection capabilities – and the vendor is still hunting for more acquisitions following a $456 million growth equity investment.…
Read More
Sep 05, 2024The Hacker NewsThreat Detection / Vulnerability Management It’s been a decade since the National Institute of Standards and Technology (NIST) introduced its Cybersecurity Framework (CSF) 1.0. Created following a 2013 Executive Order, NIST was tasked with designing a voluntary cybersecurity framework that would help organizations manage cyber risk, providing guidance based on established…
Read More
Sep 05, 2024Ravie LakshmananCyber Attack / Malware The Chinese-speaking threat actor known as Earth Lusca has been observed using a new backdoor dubbed KTLVdoor as part of a cyber attack targeting an unnamed trading company based in China. The previously unreported malware is written in Golang, and thus is a cross-platform weapon capable of targeting…
Read More