The Need for Risk-Based Vulnerability Management to Combat Threats
Cyber attacks are increasing as the number of vulnerabilities found in software has increased by over 50% in the last...
News
Critical TootRoot bug lets attackers hijack Mastodon servers
Mastodon, the free and open-source decentralized social networking platform, has patched four vulnerabilities, one of them critical that allows hackers...
CISA warns govt agencies to patch actively exploited Android driver
CISA ordered federal agencies today to patch a high-severity Arm Mali GPU kernel driver privilege escalation flaw added to its list of...
MOVEit Transfer customers warned to patch new critical flaw
MOVEit Transfer, the software at the center of the recent massive spree of Clop ransomware breaches, has received an update...
Barracuda working on fix for ongoing Email Gateway login issues
Image: Bing Image Creator Email and network security firm Barracuda is working to fix an ongoing issue that triggers invalid...
US-CERT Vulnerability Summary for the Week of June 26, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoapple -- mac_os_xA use after free issue was addressed with improved memory...
Google Releases Android Patch Update for 3 Actively Exploited Vulnerabilities
Google has released its monthly security updates for the Android operating system, addressing 46 new software vulnerabilities. Among these, three...
Another Critical Unauthenticated SQLi Flaw Discovered in MOVEit Transfer Software
Progress Software has announced the discovery and patching of a critical SQL injection vulnerability in MOVEit Transfer, popular software used...
Vishing Goes High-Tech: New ‘Letscall’ Malware Employs Voice Traffic Routing
Researchers have issued a warning about an emerging and advanced form of voice phishing (vishing) known as "Letscall." This technique...
Close Security Gaps with Continuous Threat Exposure Management
CISOs, security leaders, and SOC teams often struggle with limited visibility into all connections made to their company-owned assets and...
Mastodon Social Network Patches Critical Flaws Allowing Server Takeover
Mastodon, a popular decentralized social network, has released a security update to fix critical vulnerabilities that could expose millions of...
Another Critical Unauthenticated SQLi Flaw Discovered in MOVEit Transfer Software
Progress Software has announced the discovery and patching of a critical SQL injection vulnerability in MOVEit Transfer, popular software used...
Close Security Gaps with Continuous Threat Exposure Management
CISOs, security leaders, and SOC teams often struggle with limited visibility into all connections made to their company-owned assets and...
Cybersecurity Agencies Sound Alarm on Rising TrueBot Malware Attacks
Cybersecurity agencies have warned about the emergence of new variants of the TrueBot malware. This enhanced threat is now targeting...
How Pen Testing can Soften the Blow on Rising Costs of Cyber Insurance
As technology advances and organizations become more reliant on data, the risks associated with data breaches and cyber-attacks also increase....
Cybersecurity Agencies Sound Alarm on Rising TrueBot Malware Attacks
Cybersecurity agencies have warned about the emergence of new variants of the TrueBot malware. This enhanced threat is now targeting...
Close Security Gaps with Continuous Threat Exposure Management
CISOs, security leaders, and SOC teams often struggle with limited visibility into all connections made to their company-owned assets and...
BlackByte 2.0 Ransomware: Infiltrate, Encrypt, and Extort in Just 5 Days
Ransomware attacks are a major problem for organizations everywhere, and the severity of this problem continues to intensify. Recently, Microsoft's...
Google Releases Android Patch Update for 3 Actively Exploited Vulnerabilities
Google has released its monthly security updates for the Android operating system, addressing 46 new software vulnerabilities. Among these, three...
300,000+ Fortinet firewalls vulnerable to critical FortiOS RCE bug
Hundreds of thousands of FortiGate firewalls are vulnerable to a critical security issue identified as CVE-2023-27997, almost a month after...
Microsoft denies data breach, theft of 30 million customer accounts
Microsoft has denied the claims of the so-called hacktivists “Anonymous Sudan” that they breached the company's servers and stole credentials...
New Python tool checks NPM packages for manifest confusion issues
A security researcher and system administrator has developed a tool that can help users check for manifest mismatches in packages...
Google Analytics data transfer to U.S. brings $1 million fine to Swedish firms
The Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten – IMY) has fined two companies with 12.3 million SEK (€1 million/$1.1 million)...
Hackers target European government entities in SmugX campaign
A phishing campaign that security researchers named SmugX and attributed to a Chinese threat actor has been targeting embassies and...
