Why Now? The Rise of Attack Surface Management
The term "attack surface management" (ASM) went from unknown to ubiquitous in the cybersecurity space over the past few years....
News
Fortinet: New FortiOS RCE bug “may have been exploited” in attacks
Fortinet says a critical FortiOS SSL VPN vulnerability that was patched last week "may have been exploited" in attacks impacting...
Exploit released for MOVEit RCE bug used in data theft attacks
Horizon3 security researchers have released proof-of-concept (PoC) exploit code for a remote code execution (RCE) bug in the MOVEit Transfer...
Swiss government warns of ongoing DDoS attacks, data leak
The Swiss government has disclosed that a recent ransomware attack on an IT supplier might have impacted its data, while...
Have I Been Pwned warns of new Zacks data breach impacting 8 million
Zacks Investment Research (Zacks) has reportedly suffered an older, previously undisclosed data breach impacting 8.8 million customers, with the database...
US-CERT Vulnerability Summary for the Week of May 29, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Why Now? The Rise of Attack Surface Management
The term "attack surface management" (ASM) went from unknown to ubiquitous in the cybersecurity space over the past few years....
Researchers Uncover Publisher Spoofing Bug in Microsoft Visual Studio Installer
Security researchers have warned about an "easily exploitable" flaw in the Microsoft Visual Studio installer that could be abused by...
Why Now? The Rise of Attack Surface Management
The term "attack surface management" (ASM) went from unknown to ubiquitous in the cybersecurity space over the past few years....
Cybercriminals Using Powerful BatCloak Engine to Make Malware Fully Undetectable
A fully undetectable (FUD) malware obfuscation engine named BatCloak is being used to deploy various malware strains since September 2022,...
Password Reset Hack Exposed in Honda’s E-Commerce Platform, Dealers Data at Risk
Security vulnerabilities discovered in Honda's e-commerce platform could have been exploited to gain unrestricted access to sensitive dealer information. "Broken/missing...
Critical RCE Flaw Discovered in Fortinet FortiGate Firewalls – Patch Now!
Fortinet has released patches to address a critical security flaw in its FortiGate firewalls that could be abused by a...
Apple’s Safari Private Browsing Now Automatically Removes Tracking Parameters in URLs
Apple is introducing major updates to Safari Private Browsing, offering users better protections against third-party trackers as they browse the...
Beware: 1,000+ Fake Cryptocurrency Sites Trap Users in Bogus Rewards Scheme
A previously undetected cryptocurrency scam has leveraged a constellation of over 1,000 fraudulent websites to ensnare users into a bogus...
Strava heatmap feature can be abused to find home addresses
Researchers at the North Carolina State University Raleigh have discovered a privacy risk in the Strava app's heatmap feature that could...
Fortinet fixes critical RCE flaw in Fortigate SSL-VPN devices, patch now
Update 6/11/23: Fortinet statement added below. Fortinet has released new Fortigate firmware updates that fix an undisclosed, critical pre-authentication remote...
US-CERT Vulnerability Summary for the Week of May 29, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
US-CERT Vulnerability Summary for the Week of May 29, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
How to Improve Your API Security Posture
APIs, more formally known as application programming interfaces, empower apps and microservices to communicate and share data. However, this level...
New SPECTRALVIPER Backdoor Targeting Vietnamese Public Companies
Vietnamese public companies have been targeted as part of an ongoing campaign that deploys a novel backdoor called SPECTRALVIPER. "SPECTRALVIPER...
New Critical MOVEit Transfer SQL Injection Vulnerabilities Discovered – Patch Now!
Progress Software, the company behind the MOVEit Transfer application, has released patches to address brand new SQL injection vulnerabilities affecting...
How to Improve Your API Security Posture
APIs, more formally known as application programming interfaces, empower apps and microservices to communicate and share data. However, this level...
BlackCat ransomware fails to extort Australian commercial law giant
Australian law firm HWL Ebsworth confirmed to local media outlets that its network was hacked after the ALPHV ransomware gang...
University of Manchester says hackers ‘likely’ stole data in cyberattack
Image: City Suites The University of Manchester warns staff and students that they suffered a cyberattack where threat actors likely stole...
