CISA orders federal agencies to secure Internet-exposed network devices
CISA issued this year's first binding operational directive (BOD) ordering federal civilian agencies to secure misconfigured or Internet-exposed networking equipment...
News
Bulletproof hoster gets 3 years for pushing Urfsnif, Zeus malware
Romanian national Mihai Ionut Paunescu, aka "Virus," was sentenced to three years in prison by a Manhattan federal court for...
WordPress Stripe payment plugin bug leaks customer order details
The WooCommerce Stripe Gateway plugin for WordPress was found to be vulnerable to a bug that allows any unauthenticated user...
US-CERT Vulnerability Summary for the Week of May 29, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Webinar – Mastering API Security: Understanding Your True Attack Surface
Believe it or not, your attack surface is expanding faster than you realize. How? APIs, of course! More formally known...
Beware: New DoubleFinger Loader Targets Cryptocurrency Wallets with Stealer
A novel multi-stage loader called DoubleFinger has been observed delivering a cryptocurrency stealer dubbed GreetingGhoul in what's an advanced attack...
Why Now? The Rise of Attack Surface Management
The term "attack surface management" (ASM) went from unknown to ubiquitous in the cybersecurity space over the past few years....
Adversary-in-the-Middle Attack Campaign Hits Dozens of Global Organizations
"Dozens" of organizations across the world have been targeted as part of a broad business email compromise (BEC) campaign that...
Over Half of Security Leaders Lack Confidence in Protecting App Secrets, Study Reveals
It might come as a surprise, but secrets management has become the elephant in the AppSec room. While security vulnerabilities...
Why Now? The Rise of Attack Surface Management
The term "attack surface management" (ASM) went from unknown to ubiquitous in the cybersecurity space over the past few years....
Two Russian Nationals Charged for Masterminding Mt. Gox Crypto Exchange Hack
The U.S. Department of Justice (DoJ) has charged two Russian nationals in connection with masterminding the 2014 digital heist of...
Webinar – Mastering API Security: Understanding Your True Attack Surface
Believe it or not, your attack surface is expanding faster than you realize. How? APIs, of course! More formally known...
US-CERT Vulnerability Summary for the Week of May 29, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Critical FortiOS and FortiProxy Vulnerability Likely Exploited – Patch Now!
Fortinet on Monday disclosed that a newly patched critical flaw impacting FortiOS and FortiProxy may have been "exploited in a...
Why Now? The Rise of Attack Surface Management
The term "attack surface management" (ASM) went from unknown to ubiquitous in the cybersecurity space over the past few years....
Fortinet: New FortiOS RCE bug “may have been exploited” in attacks
Fortinet says a critical FortiOS SSL VPN vulnerability that was patched last week "may have been exploited" in attacks impacting...
Exploit released for MOVEit RCE bug used in data theft attacks
Horizon3 security researchers have released proof-of-concept (PoC) exploit code for a remote code execution (RCE) bug in the MOVEit Transfer...
Swiss government warns of ongoing DDoS attacks, data leak
The Swiss government has disclosed that a recent ransomware attack on an IT supplier might have impacted its data, while...
Have I Been Pwned warns of new Zacks data breach impacting 8 million
Zacks Investment Research (Zacks) has reportedly suffered an older, previously undisclosed data breach impacting 8.8 million customers, with the database...
US-CERT Vulnerability Summary for the Week of May 29, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Why Now? The Rise of Attack Surface Management
The term "attack surface management" (ASM) went from unknown to ubiquitous in the cybersecurity space over the past few years....
Researchers Uncover Publisher Spoofing Bug in Microsoft Visual Studio Installer
Security researchers have warned about an "easily exploitable" flaw in the Microsoft Visual Studio installer that could be abused by...
Why Now? The Rise of Attack Surface Management
The term "attack surface management" (ASM) went from unknown to ubiquitous in the cybersecurity space over the past few years....
Cybercriminals Using Powerful BatCloak Engine to Make Malware Fully Undetectable
A fully undetectable (FUD) malware obfuscation engine named BatCloak is being used to deploy various malware strains since September 2022,...
