🛡 Cybersecurity & Privacy 🛡 - News

🕴 Unpatched Zimbra Platforms Are Probably Compromised, CISA Says 🕴

Attackers are targeting Zimbra systems in the public and private sectors, looking to exploit multiple vulnerabilities, CISA says.

📖 Read

via "Dark Reading".

Dark Reading

Unpatched Zimbra Platforms Are Probably Compromised, CISA Says

Attackers are targeting Zimbra systems in the public and private sectors, looking to exploit multiple vulnerabilities, CISA says.

👍1

664 views18:09

🛡 Cybersecurity & Privacy 🛡 - News

🕴 Australia Declares War on Cybercrime Syndicates 🕴

An international counter-ransomware task force has been announced by Australian authorities following the recent Optus and Medibank data breaches.

📖 Read

via "Dark Reading".

Dark Reading

Australia Declares War on Cybercrime Syndicates

An international counter-ransomware task force has been announced by Australian authorities following the recent Optus and Medibank data breaches.

🤯2👍1

771 views20:09

🛡 Cybersecurity & Privacy 🛡 - News

🕴 Researchers Sound Alarm on Dangerous BatLoader Malware Dropper 🕴

BatLoader has spread rapidly to roost in systems globally, tailoring payloads to its victims.

📖 Read

via "Dark Reading".

Dark Reading

Researchers Sound Alarm on Dangerous BatLoader Malware Dropper

BatLoader has spread rapidly to roost in systems globally, tailoring payloads to its victims.

👍1🤔1

765 views22:09

🛡 Cybersecurity & Privacy 🛡 - News

🕴 Evolving Security for Government Multiclouds 🕴

As the threat landscape increases, public cloud security needs to evolve.

📖 Read

via "Dark Reading".

Dark Reading

Evolving Security for Government Multiclouds

As the threat landscape increases, public cloud security needs to evolve.

634 views15:09

🛡 Cybersecurity & Privacy 🛡 - News

🗓️ Mastodon users vulnerable to password-stealing attacks 🗓️

Patched bug could have leaked credentials

📖 Read

via "The Daily Swig".

The Daily Swig | Cybersecurity news and views

Mastodon users vulnerable to password-stealing attacks

Patched bug could have leaked credentials

540 views15:59

🛡 Cybersecurity & Privacy 🛡 - News

🕴 Nasty SQL Injection Bug in Zendesk Endangers Sensitive Customer Data 🕴

The API-related vulnerabilities put conversations, email addresses, tickets, and more in danger of exposure via the Zendesk Explore reporting service.

📖 Read

via "Dark Reading".

Dark Reading

Nasty SQL Injection Bug in Zendesk Endangers Sensitive Customer Data

395 views16:10

🛡 Cybersecurity & Privacy 🛡 - News

🕴 Yakima Neighborhood Health Services Notice of Data Security Incident 🕴

.

📖 Read

via "Dark Reading".

Dark Reading

Yakima Neighborhood Health Services Notice of Data Security Incident

360 views16:10

🛡 Cybersecurity & Privacy 🛡 - News

🕴 Red Canary Provides First-Ever MITRE Engenuity™ ATT&CK® Evaluations for Managed Services 🕴

.

📖 Read

via "Dark Reading".

Dark Reading

Red Canary Provides First-Ever MITRE Engenuity™ ATT&CK® Evaluations for Managed Services

362 views16:10

🛡 Cybersecurity & Privacy 🛡 - News

♟️ Top Zeus Botnet Suspect “Tank” Arrested in Geneva ♟️

Vyacheslav “Tank” Penchukov, the accused 40-year-old Ukrainian leader of a prolific cybercriminal group that stole tens of millions of dollars from small to mid-sized businesses in the United States and Europe, has been arrested in Switzerland, according to multiple sources.

📖 Read

via "Krebs on Security".

Krebs on Security

Top Zeus Botnet Suspect “Tank” Arrested in Geneva

Vyacheslav “Tank” Penchukov, the accused 40-year-old Ukrainian leader of a prolific cybercriminal group that stole tens of millions of dollars from small to mid-sized businesses in the United States and Europe, has been arrested in Switzerland, according…

368 views16:27

🛡 Cybersecurity & Privacy 🛡 - News

🗓️ Zendesk Explore flaws opened the door to account pillage 🗓️

Patched SQLi and logical access vulnerabilities posed serious risk

📖 Read

via "The Daily Swig".

The Daily Swig | Cybersecurity news and views

Zendesk Explore flaws opened the door to account pillage

Patched SQLi and logical access vulnerabilities posed serious risk

370 views16:30

🛡 Cybersecurity & Privacy 🛡 - News

🕴 Google Forks Over $391.5M in Record-Setting US Consumer Privacy Settlement 🕴

A misleading location-tracking practice ensnared the search-engine giant in massive privacy case spanning 40 states.

📖 Read

via "Dark Reading".

Dark Reading

Google Forks Over $391.5M in Record-Setting US Consumer Privacy Settlement

A misleading location-tracking practice ensnared the search-engine giant in massive privacy case spanning 40 states.

392 views17:10

🛡 Cybersecurity & Privacy 🛡 - News

⚠ “Gucci Master” business email scammer Hushpuppi gets 11 years ⚠

Learn how to protect yourself from big-money tricksters like the Hushpuppis of the world...

📖 Read

via "Naked Security".

Naked Security

“Gucci Master” business email scammer Hushpuppi gets 11 years

Learn how to protect yourself from big-money tricksters like the Hushpuppis of the world…

401 views17:23

🛡 Cybersecurity & Privacy 🛡 - News

🕴 How Routine Pen Testing Can Reveal the Unseen Flaws in Your Cybersecurity Posture 🕴

Testing is an ongoing mission, not a one-and-done fix.

📖 Read

via "Dark Reading".

Dark Reading

How Routine Pen Testing Can Reveal the Unseen Flaws in Your Cybersecurity Posture

Testing is an ongoing mission, not a one-and-done fix.

428 views18:10

🛡 Cybersecurity & Privacy 🛡 - News

⚠ Log4Shell-like code execution hole in popular Backstage dev tool ⚠

Researchers at cloud coding security company Oxeye have written up a critical bug that they recently discovered in the popular cloud development toolkit Backstage. Their report includes an explanation of how the bug works, plus proof-of-concept (PoC) code showing how to exploit it. Backstage is what’s known as a cloud developer portal – a sort […]

📖 Read

via "Naked Security".

Naked Security

Log4Shell-like code execution hole in popular Backstage dev tool

Good old “string templating”, also known as “string interpolation”, in the spotlight again…

543 views18:23

🛡 Cybersecurity & Privacy 🛡 - News

🕴 Where Can Third-Party Governance and Risk Management Take Us? 🕴

Part 2 in our series addressing the top 10 unanswered questions in security: How will TPGRM evolve?

📖 Read

via "Dark Reading".

Dark Reading

Where Can Third-Party Governance and Risk Management Take Us?

Part 2 in our series addressing the top 10 unanswered questions in security: How will TPGRM evolve?

531 views21:10

🛡 Cybersecurity & Privacy 🛡 - News

🕴 Wipermania: Malware Remains a Potent Threat, 10 Years Since 'Shamoon' 🕴

An in-depth analysis of system-destroying malware families presented at Black Hat Middle East & Africa shows a growing nuance in terms of how they're deployed.

📖 Read

via "Dark Reading".

Dark Reading

Wipermania: Malware Remains a Potent Threat, 10 Years Since 'Shamoon'

An in-depth analysis of system-destroying malware families presented at Black Hat Middle East & Africa shows a growing nuance in terms of how they're deployed.

👍2

546 views22:10

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-34313 ‼

IBM CICS TX 11.1 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. X-Force ID: 229449.