Uncategorized

Zyxel Firewalls Under Attack! Urgent Patching Required 06/06/2023 at 07:32 By The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday placed two recently disclosed flaws in Zyxel firewalls to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities, tracked as CVE-2023-33009 and CVE-2023-33010, are buffer overflow vulnerabilities that could enable an unauthenticated […]

React to this headline:

Strategies for effectively outsourcing security 06/06/2023 at 07:19 By When it comes to outsourcing security guard services, security leaders should develop a plan to encourage retention and invest in their team. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Leveraging visitor management data for enterprise safety 06/06/2023 at 07:19 By Visitor management systems can help organizations of all sizes by enhancing security, improving efficiency and increasing accountability. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Texas State University updates security measures 05/06/2023 at 23:26 By Texas State University is updating campus security measures. The university will add E-Phones from Knightscope to call for help in case of emergency. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

49% of organizations proactively invest in identity protection 05/06/2023 at 23:26 By A new report reveals that 89% of businesses are somewhat or very concerned that new privacy regulations will impact identity security at their organization. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Security leaders plan for changing IT roles 05/06/2023 at 22:52 By IT professionals find themselves in hybrid roles that combine traditional development with tasks formerly associated with operations professionals. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

66% of organizations have increased their investment in SaaS apps 05/06/2023 at 21:05 By According to a survey, 58% of organizations estimate their current SaaS security solutions only cover 50% or less of their SaaS applications. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Automation is no longer the future of cybersecurity: It’s the present 05/06/2023 at 16:08 By It’s no secret that we’re facing a critical cybersecurity talent shortage. Despite persistent outcry from security leaders and experts, it’s only getting worse. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to

React to this headline:

Microsoft: Lace Tempest Hackers Behind Active Exploitation of MOVEit Transfer App 05/06/2023 at 16:08 By Microsoft has officially linked the ongoing active exploitation of a critical flaw in the Progress Software MOVEit Transfer application to a threat actor it tracks as Lace Tempest. “Exploitation is often followed by deployment of a web shell with data exfiltration capabilities,” the

React to this headline:

The Annual Report: 2024 Plans and Priorities for SaaS Security 05/06/2023 at 15:10 By Over 55% of security executives report that they have experienced a SaaS security incident in the past two years — ranging from data leaks and data breaches to SaaS ransomware and malicious apps (as seen in figures 1 and 2). Figure

React to this headline:

Magento, WooCommerce, WordPress, and Shopify Exploited in Web Skimmer Attack 05/06/2023 at 09:46 By Cybersecurity researchers have unearthed a new ongoing Magecart-style web skimmer campaign that’s designed to steal personally identifiable information (PII) and credit card data from e-commerce websites. A noteworthy aspect that sets it apart from other Magecart campaigns is that the hijacked sites

React to this headline:

Alarming Surge in TrueBot Activity Revealed with New Delivery Vectors 05/06/2023 at 08:28 By A surge in TrueBot activity was observed in May 2023, cybersecurity researchers disclosed. “TrueBot is a downloader trojan botnet that uses command and control servers to collect information on compromised systems and uses that compromised system as a launching point for

React to this headline:

Brazilian Cybercriminals Using LOLBaS and CMD Scripts to Drain Bank Accounts 05/06/2023 at 08:28 By An unknown cybercrime threat actor has been observed targeting Spanish- and Portuguese-speaking victims to compromise online banking accounts in Mexico, Peru, and Portugal. “This threat actor employs tactics such as LOLBaS (living-off-the-land binaries and scripts), along with CMD-based scripts to

React to this headline:

Cloud Security Tops Concerns for Cybersecurity Leaders: EC-Council’s Certified CISO Hall of Fame Report 2023 03/06/2023 at 11:36 By A survey of global cybersecurity leaders through the 2023 Certified CISO Hall of Fame Report commissioned by the EC-Council identified 4 primary areas of grave concern: cloud security, data security, security governance, and lack of cybersecurity

React to this headline:

New Linux Ransomware Strain BlackSuit Shows Striking Similarities to Royal 03/06/2023 at 11:36 By An analysis of the Linux variant of a new ransomware strain called BlackSuit has covered significant similarities with another ransomware family called Royal. Trend Micro, which examined an x64 VMware ESXi version targeting Linux machines, said it identified an “extremely high degree

React to this headline:

FTC Slams Amazon with $30.8M Fine for Privacy Violations Involving Alexa and Ring 03/06/2023 at 11:36 By The U.S. Federal Trade Commission (FTC) has fined Amazon a cumulative $30.8 million over a series of privacy lapses regarding its Alexa assistant and Ring security cameras. This comprises a $25 million penalty for breaching children’s privacy laws

React to this headline:

Trustwave Action Response: Zero Day Exploitation of MOVEit (CVE-2023-34362) 02/06/2023 at 23:42 By On May 31, threat actors were discovered targeting a critical zero day in MOVEit Transfer software resulting in escalated privileges and unauthorized data access. The vulnerability being exploited is an SQL injection and has since been patched. Resources links, including one for

React to this headline:

OSHA cites retail chain for exposing employees to electrical hazards 02/06/2023 at 22:53 By Following several investigations, the Occupational Health and Safety Administration (OSHA) has cited Dollar General for workplace safety violations. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Health tracking app charged by FTC for sharing sensitive information 02/06/2023 at 22:03 By Fertility app Premom was charged by the FTC for sharing users’ sensitive information with third parties, and sharing sensitive health data to Google. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this

React to this headline:

90% of CISOs say certifications improved security confidence 02/06/2023 at 21:34 By According to a report focusing on Chief Information Security Officer (CISO) perspectives, 50% identified cloud security as their top concern.  This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline: