Tag: network security
Jul 26, 2024Mohit KumarEnterprise Security / Network Security CrowdStrike is alerting about an unfamiliar threat actor attempting to capitalize on the Falcon Sensor update fiasco to distribute dubious installers targeting German customers as part of a highly targeted campaign. The cybersecurity company said it identified what it described as an unattributed spear-phishing attempt on July…
Read MoreJul 26, 2024Newsroom Cybersecurity researchers are sounding the alarm over an ongoing campaign that’s leveraging internet-exposed Selenium Grid services for illicit cryptocurrency mining. Cloud security Wiz is tracking the activity under the name SeleniumGreed. The campaign, which is targeting older versions of Selenium (3.141.59 and prior), is believed to be underway since at least April…
Read MoreJul 26, 2024NewsroomSoftware Security / Vulnerability Progress Software is urging users to update their Telerik Report Server instances following the discovery of a critical security flaw that could result in remote code execution. The vulnerability, tracked as CVE-2024-6327 (CVSS score: 9.9), impacts Report Server version 2024 Q2 (10.1.24.514) and earlier. “In Progress Telerik Report Server…
Read More‘We are showing them how they can monetize and really be the trusted advisers around delivering managed attack surface capabilities, which are necessary to avoid problems,’ Liongard CEO Michelle Accardi tells CRN. Liongard this week unveiled its innovation road map and a build-out of its attack surface management platform to better equip MSPs to identify…
Read MoreJul 25, 2024NewsroomMalware / Cyber Espionage A North Korea-linked threat actor known for its cyber espionage operations has gradually expanded into financially-motivated attacks that involve the deployment of ransomware, setting it apart from other nation-state hacking groups linked to the country. Google-owned Mandiant is tracking the activity cluster under a new moniker APT45, which overlaps…
Read MoreJul 25, 2024NewsroomCybercrime / Online Safety Meta Platforms on Wednesday said it took steps to remove around 63,000 Instagram accounts in Nigeria that were found to target people with financial sextortion scams. “These included a smaller coordinated network of around 2,500 accounts that we were able to link to a group of around 20 individuals,”…
Read MoreWhile the specifics for security testing vary for applications, web applications, and APIs, a holistic and proactive applications security strategy is essential for all three types. There are six core types of testing that every security professional should know about to secure their applications, regardless of what phase they are in in development or deployment.…
Read MoreJul 25, 2024NewsroomDNS Security /Vulnerability The Internet Systems Consortium (ISC) has released patches to address multiple security vulnerabilities in the Berkeley Internet Name Domain (BIND) 9 Domain Name System (DNS) software suite that could be exploited to trigger a denial-of-service (DoS) condition. “A cyber threat actor could exploit one of these vulnerabilities to cause a…
Read MoreJul 25, 2024NewsroomCloud Security / Vulnerability Cybersecurity researchers have disclosed a privilege escalation vulnerability impacting Google Cloud Platform’s Cloud Functions service that an attacker could exploit to access other services and sensitive data in an unauthorized manner. Tenable has given the vulnerability the name ConfusedFunction. “An attacker could escalate their privileges to the Default Cloud…
Read MoreWebinar: Securing the Modern Workspace: What Enterprises MUST Know about Enterprise Browser Security
- by nlqip
Jul 25, 2024The Hacker NewsBrowser Security / Enterprise Security The browser is the nerve center of the modern workspace. Ironically, however, the browser is also one of the least protected threat surfaces of the modern enterprise. Traditional security tools provide little protection against browser-based threats, leaving organizations exposed. Modern cybersecurity requires a new approach based…
Read MoreRecent Posts
- A Vulnerability in Fortinet FortiManager Could Allow for Remote Code Execution
- ServiceNow CEO McDermott: ‘Taking On The World’s Biggest Challenges’ With AI, New Nvidia Pact, More
- SonicWall CEO On ‘Getting Back To Our Roots’, Using AI And Latest Acquisitions
- Windows 11 KB5044380 preview update lets you remap the Copilot key
- CISA Adds One Known Exploited Vulnerability to Catalog | CISA