[ad_1] Ivanti urges customers to fix critical RCE flaw in Standalone Sentry solution Pierluigi Paganini March 21, 2024 Ivanti urges customers to address a critical remote code execution vulnerability impacting the Standalone Sentry solution. Ivanti addressed a critical remote code execution vulnerability, tracked as CVE-2023-41724... Continue reading
Return to previous page
Page 20
[ad_1] A vast majority of security leaders are aware that application programmable interfaces (APIs) have become a worrying attack vector. Yet, in a new study, cloud computing service provider Fastly found that most don’t invest in advanced security to protect them. With organizations increasingly relying... Continue reading
[ad_1] New Loop DoS attack may target 300,000 vulnerable hosts Pierluigi Paganini March 21, 2024 Boffins devised a new application-layer loop DoS attack based on the UDP protocol that impacts major vendors, including Broadcom, Microsoft and MikroTik. Researchers from the CISPA Helmholtz Center for Information... Continue reading
[ad_1] A team of French security researchers have won a Tesla Model 3 and $200,000 after finding a zero-day vulnerability in a vehicle’s electronic control unit (ECU). The Synacktiv team were at the top of the leaderboard after one day of Pwn2Own Vancouver 2024, the... Continue reading
[ad_1] BunnyLoader 3.0 surfaces in the threat landscape Pierluigi Paganini March 20, 2024 Researchers found a new variant of the BunnyLoader malware with a modular structure and new evasion capabilities. In October 2023, Zscaler ThreatLabz researchers discovered a new malware-as-a-service (MaaS) called BunnyLoader, which was advertised for sale... Continue reading
[ad_1] Three-quarters of UK businesses and 79% of charities have experienced a cybersecurity incident in the past 12 months, according to new figures published by the UK government. The survey found there was limited improvements in organizations’ cybersecurity posture between 2022 and 2023, with many... Continue reading
[ad_1] Critical flaw in Atlassian Bamboo Data Center and Server must be fixed immediately Pierluigi Paganini March 20, 2024 Atlassian fixed tens of vulnerabilities in Bamboo, Bitbucket, Confluence, and Jira products, including a critical flaw that can be very dangerous. Atlassian addressed multiple vulnerabilities in... Continue reading
[ad_1] New data has unveiled a 27% rise in ransomware attacks in 2023, with 8% of affected organizations resorting to paying ransoms. The figures, extracted from the 2024 Thales Data Threat Report, also suggest that less than half of organizations have established formal ransomware response... Continue reading
[ad_1] Threat actors actively exploit JetBrains TeamCity flaws to deliver malware Pierluigi Paganini March 20, 2024 Multiple threat actors are exploiting the recently disclosed JetBrains TeamCity flaw CVE-2024-27198 in attacks in the wild. Trend Micro researchers are exploiting the recently disclosed vulnerabilities CVE-2024-27198 (CVSS score: 9.8)... Continue reading
[ad_1] The US Cybersecurity and Infrastructure Security Agency (CISA) issued a stark warning yesterday to leaders of critical infrastructure organizations regarding the imminent threat posed by People’s Republic of China (PRC) state-sponsored cyber actors known as “Volt Typhoon.” In collaboration with the National Security Agency (NSA),... Continue reading