BadAlloc: Microsoft Flags Major Security Holes in OT, IoT Devices Security researchers at Microsoft are raising the alarm for multiple gaping security holes in a wide range of enterprise internet-connected devices, warning that the high-risk bugs expose businesses to remote code execution attacks. Read More Security Bypass Vulnerability in Apple's M1 Chip Exploited in the Wild: Apple's latest macOS updates patch three vulnerabilities that can be exploited to bypass security mechanisms, including one that only impacts Macs with M1 chips. Read More Vulnerability Exposes F5 BIG-IP to Kerberos KDC Hijacking Attacks: Attackers can use spoofed authentication responses to hijack a KDC connection and gain local administrative access. Read More DigitalOcean Discloses Breach Involving Billing Information: Cloud solutions provider DigitalOcean has started informing customers about a breach involving their billing information. Read More Threat Detection Firm Vectra Raises $130 Million at $1.2 Billion Valuation: Threat detection and response company Vectra AI has raised $130 million and has become a cybersecurity unicorn at a valuation of $1.2 billion. Read More FluBot Android Malware Expected to Start Targeting U.S.: The FluBot Android malware has been stealing information from phones in Europe, but it's soon expected to expand operations to the United States. Read More Several High-Severity Vulnerabilities Expose Cisco Firewalls to Remote Attacks: The Cisco firewall vulnerabilities could be exploited to achieve arbitrary code execution or to cause a denial of service condition. Read More Chinese Cyberspies Target Military Organizations in Asia With New Malware: Running until at least March 2021, the latest Naikon campaign employed a new backdoor alongside known malware, but also abused legitimate software. Read More US Government Taking Creative Steps to Counter Cyberthreats: An FBI operation that gave law enforcement remote access to hundreds of computers to counter a massive hack of Microsoft Exchange email server software is a tool that is likely to be deployed "judiciously" in the future. Read More CISO Conversations: Raytheon and BAE Systems CISOs on Leadership, Future Threats: In this installment of SecurityWeek's CISO Conversations series, Jennifer Watson of Raytheon Intelligence & Space and Mary Haigh of BAE Systems, discuss cybersecurity leadership in the defense sector. Read More Death of the Manual Pen-Test: Blind Spots, Limited Visibility: Manual penetration testing (pen-testing) is increasingly challenged by automated methods of vulnerability discovery and management. Read More Google Data Protection Case to be Heard in UK Supreme Court: Google began a legal bid at Britain's highest court to try to block a class action alleging that it illegally tracked millions of iPhone users. Read More Cyberspace Solarium Commission: CISA Funding Should Increase by at Least $400M: Two House representatives ask that CISA's budget for the fiscal year 2022 be increased by at least $400 million. Read More Navy SEALs to Shift From Counterterrorism to Global Threats: The U.S. Navy is adding personnel to the SEAL platoons to beef up capabilities in cyber and electronic warfare and unmanned systems, honing their skills to collect intelligence and deceive and defeat the enemy. Read More DevSecOps Company Sysdig Raises $188 Million at $1.19 Billion Valuation: DevSecOps company Sysdig raises $188 million in a Series F funding round and becomes a cybersecurity unicorn with a valuation of $1.19 billion. Read More Dark Hash Collisions: New Service Confidentially Finds Leaked Passwords: Dark Hash Collisions can safely detect all a customer's users that have been compromised and consequently present a risk of credential stuffing. Read More Russia-Linked 'Ghostwriter' Disinformation Campaign Tied to Cyberspy Group: Five operations running between October 2020 and January 2021 leveraged compromised social media accounts of Polish officials. Read More Google Patches Yet Another Serious V8 Vulnerability in Chrome: Google has patched yet another serious V8 vulnerability in Chrome, and awarded the researcher who found it $15,000. Read More |
Comments
Post a Comment