Security

Ivanti | Feb 02, 2024

Ivanti 0day fest continues with fresh bugs, attacks, as CISA tells federal agencies "just disconnect"

"Threat actors have recently developed workarounds to current mitigations and detection methods and have been able to exploit weaknesses, move laterally, and escalate privileges without detection..."

Security | Jan 31, 2024

Gen AI-powered cybersecurity? Maybe get identity management fixed first

Sysdig research shows companies still not getting it right when shifting left

Security | Jan 30, 2024

Hack back: US disconnects Volt Typhoon

"This actor is not doing the quiet intelligence collection and theft of secrets... they can disrupt major services if, and when, the order comes down,"

Security | Jan 30, 2024

SolarWinds howls back at SEC, accuses agency of "revictimization"

Software firm calls for dismissal of SEC action

patch | Jan 30, 2024

Patch now: Critical Jenkins exploits released

POCs validated, over 45,000 instances still publicly exposed after critical Jenkins vulnerability disclosed.

Security | Jan 30, 2024

US commodities market regulator wants traders to ratchet up resilience

Just how do you make trading places more secure

Security | Jan 29, 2024

How Russian spooks hacked Microsoft, the gap in its “morally indefensible” response, and what CISOs can learn from the attack

Expect to start hearing more about MS Graph...

| ransomware | Jan 26, 2024

EquiLend confirms ransomware attack has crippled $2.4 trillion NGT trading platform.

The attack has been claimed by the prolific LockBit group, which has hit numerous high-profile companies in recent months, often using unpatched Citrix Bleed vulnerabilities.

Security | Jan 25, 2024

Next for The Bear: Hacking HPE inboxes

"Cozy Bear" gained unauthorized access to HPE’s cloud-based email environment

document.currentScript.parentNode.innerHTML = (parseInt(document.currentScript.closest('.iteration-container').dataset.length)).toString();