Featured

Exploitation of Citrix ShareFile Vulnerability Spikes as CISA Issues Warning 

Citrix, exploited, Featured, Vulnerabilities /

Exploitation of Citrix ShareFile Vulnerability Spikes as CISA Issues Warning  17/08/2023 at 12:18 By Eduard Kovacs Exploitation of a Citrix ShareFile vulnerability tracked as CVE-2023-24489 has spiked as CISA added it to its ‘must patch’ catalog. The post Exploitation of Citrix ShareFile Vulnerability Spikes as CISA Issues Warning  appeared first on SecurityWeek. This article is […]

React to this headline:

Loading spinner

Exploitation of Citrix ShareFile Vulnerability Spikes as CISA Issues Warning  Read More »

CISO Conversations: CISOs in Cloud-based Services Discuss the Process of Leadership

CISO, CISO Conversations, cloud security, Featured /

CISO Conversations: CISOs in Cloud-based Services Discuss the Process of Leadership 15/08/2023 at 16:31 By Kevin Townsend SecurityWeek talks to Billy Spears, CISO at Teradata (a multi-cloud analytics provider), and Lea Kissner, CISO at cloud security firm Lacework. The post CISO Conversations: CISOs in Cloud-based Services Discuss the Process of Leadership appeared first on SecurityWeek.

React to this headline:

Loading spinner

CISO Conversations: CISOs in Cloud-based Services Discuss the Process of Leadership Read More »

Iagona ScrutisWeb Vulnerabilities Could Expose ATMs to Remote Hacking

ATM, Endpoint Security, Featured, Vulnerabilities, vulnerability /

Iagona ScrutisWeb Vulnerabilities Could Expose ATMs to Remote Hacking 14/08/2023 at 13:46 By Eduard Kovacs Several vulnerabilities discovered in Iagona ScrutisWeb ATM fleet monitoring software could be exploited to remotely hack ATMs. The post Iagona ScrutisWeb Vulnerabilities Could Expose ATMs to Remote Hacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Iagona ScrutisWeb Vulnerabilities Could Expose ATMs to Remote Hacking Read More »

Black Hat USA 2023 – Announcements Summary

Black Hat, Featured /

Black Hat USA 2023 – Announcements Summary 11/08/2023 at 15:16 By Eduard Kovacs Hundreds of companies and organizations showcased their products and services this week at the 2023 edition of the Black Hat conference in Las Vegas. The post Black Hat USA 2023 – Announcements Summary appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Black Hat USA 2023 – Announcements Summary Read More »

CISA Warns Organizations of Exploited Vulnerability Affecting .NET, Visual Studio 

.NET, CISA, Featured, Microsoft, Vulnerabilities, Zero-Day /

CISA Warns Organizations of Exploited Vulnerability Affecting .NET, Visual Studio  10/08/2023 at 12:33 By Eduard Kovacs CISA has added CVE-2023-38180, a zero-day vulnerability affecting .NET and Visual Studio, to its Known Exploited Vulnerabilities Catalog. The post CISA Warns Organizations of Exploited Vulnerability Affecting .NET, Visual Studio  appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

CISA Warns Organizations of Exploited Vulnerability Affecting .NET, Visual Studio  Read More »

Downfall: New Intel CPU Attack Exposing Sensitive Information

CPU, Endpoint Security, Featured, Intel, Vulnerabilities /

Downfall: New Intel CPU Attack Exposing Sensitive Information 09/08/2023 at 09:32 By Eduard Kovacs Google researcher discloses the details of an Intel CPU attack method named Downfall that may be remotely exploitable. The post Downfall: New Intel CPU Attack Exposing Sensitive Information appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Downfall: New Intel CPU Attack Exposing Sensitive Information Read More »

Black Hat Preview: The Business of Cyber Takes Center Stage

Black Hat, Featured /

Black Hat Preview: The Business of Cyber Takes Center Stage 08/08/2023 at 14:46 By Ryan Naraine The cybersecurity industry heads to Las Vegas this week for Black Hat in a state of economic contraction, confusion and excitement. Can the promise of AI overcome the hype cycle to truly solve security problems? The post Black Hat

React to this headline:

Loading spinner

Black Hat Preview: The Business of Cyber Takes Center Stage Read More »

North Korean Hackers Targeted Russian Missile Developer

Cyberwarfare, Featured, North Korea, Russia /

North Korean Hackers Targeted Russian Missile Developer 07/08/2023 at 20:01 By Eduard Kovacs A sanctioned Russian missile maker appears to have been targeted by two important North Korean hacking groups. The post North Korean Hackers Targeted Russian Missile Developer appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

North Korean Hackers Targeted Russian Missile Developer Read More »

Five Eyes Agencies Call Attention to Most Frequently Exploited Vulnerabilities

Featured, Government, Vulnerabilities, vulnerability /

Five Eyes Agencies Call Attention to Most Frequently Exploited Vulnerabilities 04/08/2023 at 12:31 By Ionut Arghire Five Eyes government agencies have published a list of the software vulnerabilities that were most frequently exploited in malicious attacks in 2022. The post Five Eyes Agencies Call Attention to Most Frequently Exploited Vulnerabilities appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Five Eyes Agencies Call Attention to Most Frequently Exploited Vulnerabilities Read More »

Salesforce Email Service Zero-Day Exploited in Phishing Campaign

email security, Featured, phishing, Salesforce /

Salesforce Email Service Zero-Day Exploited in Phishing Campaign 03/08/2023 at 12:47 By Eduard Kovacs Threat actors have exploited a Salesforce email service zero-day vulnerability and abused Meta features in a sophisticated phishing campaign. The post Salesforce Email Service Zero-Day Exploited in Phishing Campaign appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Salesforce Email Service Zero-Day Exploited in Phishing Campaign Read More »

Microsoft Catches Russian Government Hackers Phishing with Teams Chat App

cloud security, Featured, Nation-State /

Microsoft Catches Russian Government Hackers Phishing with Teams Chat App 03/08/2023 at 01:01 By Ryan Naraine Microsoft says a Russian government-linked hacking group is using its Microsoft Teams chat app to phish for credentials at targeted organizations. The post Microsoft Catches Russian Government Hackers Phishing with Teams Chat App appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Microsoft Catches Russian Government Hackers Phishing with Teams Chat App Read More »

Nearly All Modern CPUs Leak Data to New Collide+Power Side-Channel Attack

CPU, Endpoint Security, Featured, side-channel attack /

Nearly All Modern CPUs Leak Data to New Collide+Power Side-Channel Attack 01/08/2023 at 20:15 By Eduard Kovacs A new power side-channel attack named Collide+Power can allow an attacker to obtain sensitive information and it works against nearly any modern CPU. The post Nearly All Modern CPUs Leak Data to New Collide+Power Side-Channel Attack appeared first

React to this headline:

Loading spinner

Nearly All Modern CPUs Leak Data to New Collide+Power Side-Channel Attack Read More »

Ransomware Attacks on Industrial Organizations Doubled in Past Year: Report

Featured, ICS, ICS/OT, Ransomware /

Ransomware Attacks on Industrial Organizations Doubled in Past Year: Report 01/08/2023 at 14:03 By Eduard Kovacs The number of ransomware attacks targeting industrial organizations and infrastructure has doubled since the second quarter of 2022, according to Dragos. The post Ransomware Attacks on Industrial Organizations Doubled in Past Year: Report appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Ransomware Attacks on Industrial Organizations Doubled in Past Year: Report Read More »

Second Ivanti EPMM Zero-Day Vulnerability Exploited in Targeted Attacks

Featured, Ivanti, Malware & Threats, Vulnerabilities, Zero-Day /

Second Ivanti EPMM Zero-Day Vulnerability Exploited in Targeted Attacks 31/07/2023 at 13:31 By Eduard Kovacs Ivanti EPMM customers have been warned of CVE-2023-35081, a second zero-day vulnerability that has been exploited in targeted attacks. The post Second Ivanti EPMM Zero-Day Vulnerability Exploited in Targeted Attacks appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Second Ivanti EPMM Zero-Day Vulnerability Exploited in Targeted Attacks Read More »

Two New Vulnerabilities Could affect 40% of Ubuntu Cloud Workloads

cloud security, Featured, Ubuntu, Vulnerabilities, vulnerability /

Two New Vulnerabilities Could affect 40% of Ubuntu Cloud Workloads 27/07/2023 at 17:20 By Kevin Townsend Researchers discovered two vulnerabilities in the Ubuntu OverlayFS module: CVE-2023-2640 and CVE-2023-32629 (together dubbed ‘GameOver(lay)’). The post Two New Vulnerabilities Could affect 40% of Ubuntu Cloud Workloads appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Two New Vulnerabilities Could affect 40% of Ubuntu Cloud Workloads Read More »

Ivanti Zero-Day Vulnerability Exploited in Attack on Norwegian Government

cybercrime, exploited, Featured, Ivanti, Vulnerabilities, Zero-Day /

Ivanti Zero-Day Vulnerability Exploited in Attack on Norwegian Government 25/07/2023 at 13:04 By Eduard Kovacs An Ivanti EPMM product zero-day vulnerability tracked as CVE-2023-35078 has been exploited in an attack aimed at the Norwegian government. The post Ivanti Zero-Day Vulnerability Exploited in Attack on Norwegian Government appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Ivanti Zero-Day Vulnerability Exploited in Attack on Norwegian Government Read More »

Microsoft Cloud Hack Exposed More than Exchange, Outlook Emails

Azure, cloud security, email authentication, email security, Featured, Government, Microsoft, MSA key /

Microsoft Cloud Hack Exposed More than Exchange, Outlook Emails 21/07/2023 at 20:19 By Ryan Naraine Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to Outlook.com and Exchange Online. The post Microsoft Cloud Hack Exposed More than Exchange, Outlook Emails appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Microsoft Cloud Hack Exposed More than Exchange, Outlook Emails Read More »

Citrix Zero-Day Exploited Against Critical Infrastructure Organization

Citrix, exploited, Featured, Vulnerabilities, Zero-Day /

Citrix Zero-Day Exploited Against Critical Infrastructure Organization 21/07/2023 at 13:33 By Eduard Kovacs CISA says the new Citrix zero day vulnerability tracked as CVE-2023-3519 has been exploited against a critical infrastructure organization. The post Citrix Zero-Day Exploited Against Critical Infrastructure Organization appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Citrix Zero-Day Exploited Against Critical Infrastructure Organization Read More »

Two New Adobe ColdFusion Vulnerabilities Exploited in Attacks

Adobe, ColdFusion, exploited, Featured, Vulnerabilities /

Two New Adobe ColdFusion Vulnerabilities Exploited in Attacks 18/07/2023 at 14:19 By Eduard Kovacs At least two new Adobe ColdFusion vulnerabilities have been exploited in the wild, including one that has not been completely patched by the software giant. The post Two New Adobe ColdFusion Vulnerabilities Exploited in Attacks appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Two New Adobe ColdFusion Vulnerabilities Exploited in Attacks Read More »

Hacker Conversations: Inside the Mind of Daniel Kelley, ex-Blackhat

cybercrime, Featured, Hacker Conversations, Tracking & Law Enforcement /

Hacker Conversations: Inside the Mind of Daniel Kelley, ex-Blackhat 18/07/2023 at 14:19 By Kevin Townsend Daniel Kelley was just 18 years old when he was arrested and charged on thirty counts – most infamously for the 2015 hack of UK telecoms firm TalkTalk. In 2019 he was convicted and sentenced to four years in prison. 

React to this headline:

Loading spinner

Hacker Conversations: Inside the Mind of Daniel Kelley, ex-Blackhat Read More »

Scroll to Top