June 2023

Password Reset Hack Exposed in Honda’s E-Commerce Platform, Dealers Data at Risk

12/06/2023 at 11:46. Security vulnerabilities discovered in Honda’s e-commerce platform could have been exploited to gain unrestricted access to sensitive dealer information. “Broken/missing access controls made it possible to access all data on the platform, even when logged in as a test […]


Beware: 1,000+ Fake Cryptocurrency Sites Trap Users in Bogus Rewards Scheme

12/06/2023 at 11:31. A previously undetected cryptocurrency scam has leveraged a constellation of over 1,000 fraudulent websites to ensnare users into a bogus rewards scheme since at least January 2021. “This massive campaign has likely resulted in thousands of people being scammed worldwide,”


Critical RCE Flaw Discovered in Fortinet FortiGate Firewalls – Patch Now!

12/06/2023 at 10:25. Fortinet has released patches to address a critical security flaw in its FortiGate firewalls that could be abused by a threat actor to achieve remote code execution. The vulnerability, tracked as CVE-2023-27997, is “reachable pre-authentication, on every SSL VPN appliance,” Lexfo


Apple’s Safari Private Browsing Now Automatically Removes Tracking Parameters in URLs

12/06/2023 at 07:56. Apple is introducing major updates to Safari Private Browsing, offering users better protections against third-party trackers as they browse the web. “Advanced tracking and fingerprinting protections go even further to help prevent websites from using the latest techniques to track or


Building a culture of security awareness in healthcare begins with leadership

12/06/2023 at 07:35, by Mirko Zorz. With the rise of modern trends such as cloud computing and remote work, healthcare institutions strive to balance accessibility, convenience, and robust security. In this Help Net Security interview, Ken Briggs, General Counsel at Salucro, discusses how fostering


Examining the long-term effects of data privacy violations

12/06/2023 at 07:02, by Help Net Security. Regulatory bodies are taking potential data privacy violations much more seriously this year after a relatively quiet period that followed the enactment of regulations such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We


Executive leadership programs for security professionals

12/06/2023 at 07:02. Executive education courses can help security leaders better align their functions with the business, explore leadership tactics and enhance crisis management. This article is an excerpt from Security Magazine’s RSS Feed.


Cyber extortion hits all-time high

12/06/2023 at 06:32, by Help Net Security. Cyber extortion attacks have become increasingly prevalent in recent years, posing a significant threat to organizations of all sizes and industries, according to Orange Cyberdefense. Examining data from a total of 6,707 confirmed business victims, the findings show a fluctuation in the number


Lack of adequate investments hinders identity security efforts

12/06/2023 at 06:03, by Help Net Security. Organizations are still grappling with identity-related incidents, with an alarming 90% reporting one in the last 12 months, a 6% increase from last year, according to The Identity Defined Security Alliance (IDSA). Protecting digital identities: As identities continue to significantly


Fortinet patches pre-auth RCE, update your Fortigate firewalls ASAP! (CVE-2023-27997)

11/06/2023 at 22:06, by Zeljka Zorz. Fortinet has released several versions of FortiOS, the OS/firmware powering its Fortigate firewalls and other devices, without mentioning that they include a fix for CVE-2023-27997, a remote code execution (RCE) flaw that does not require the attacker to be


Week in review: 9 free cybersecurity whitepapers, Patch Tuesday forecast

11/06/2023 at 11:22, by Help Net Security. Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Cl0p announces rules for extortion negotiation after MOVEit hack: The Cl0p cyber extortion crew says that the many organizations whose data they have


New SPECTRALVIPER Backdoor Targeting Vietnamese Public Companies

10/06/2023 at 16:06. Vietnamese public companies have been targeted as part of an ongoing campaign that deploys a novel backdoor called SPECTRALVIPER. “SPECTRALVIPER is a heavily obfuscated, previously undisclosed, x64 backdoor that brings PE loading and injection, file upload and download, file and directory manipulation, and token impersonation


New Critical MOVEit Transfer SQL Injection Vulnerabilities Discovered – Patch Now!

10/06/2023 at 12:18. Progress Software, the company behind the MOVEit Transfer application, has released patches to address brand new SQL injection vulnerabilities affecting the file transfer solution that could enable the theft of sensitive information. “Multiple SQL injection vulnerabilities have been identified in


Trustwave Action Response: Zero Day Vulnerability in Barracuda Email Security Gateway Appliance (ESG) (CVE-2023-2868)

10/06/2023 at 00:05. On May 19, 2023, Barracuda Networks identified a remote command injection vulnerability (CVE-2023-2868) present in the Barracuda Email Security Gateway (appliance form factor only) versions 5.1.3.001-9.2.0.006. This article is an excerpt from SpiderLabs Blog from Trustwave.


10% of CISOs and IT professionals manage cybersecurity in-house

09/06/2023 at 21:47. Security spending trends and priorities of Chief Information Security Officers (CISOs) and IT professionals were analyzed in a report by Nuspire. This article is an excerpt from Security Magazine’s RSS Feed.


OSHA found South Dakota company retaliated against whistleblower

09/06/2023 at 21:07. A South Dakota helicopter ambulance servicer was investigated by the Occupational Safety and Health Administration for terminating a whistleblower. This article is an excerpt from Security Magazine’s RSS Feed.


Microsoft Uncovers Banking AitM Phishing and BEC Attacks Targeting Financial Giants

09/06/2023 at 19:46. Banking and financial services organizations are the targets of a new multi-stage adversary-in-the-middle (AitM) phishing and business email compromise (BEC) attack, Microsoft has revealed. “The attack originated from a compromised trusted vendor and transitioned into a series of AiTM attacks


In Other News: AI Regulation, Layoffs, US Aerospace Attacks, Post-Quantum Encryption

09/06/2023 at 19:30, by Eduard Kovacs. Cybersecurity news that you may have missed this week: AI regulation, layoffs, US aerospace malware attacks, and post-quantum encryption. The post In Other News: AI Regulation, Layoffs, US Aerospace Attacks, Post-Quantum Encryption appeared first on SecurityWeek. This article
