[ad_1] Voices in the vulnerability management community warned that the lasting issues of the US National Vulnerability Database (NVD) could lead to a major supply chain security crisis. A group of 50 cybersecurity professionals signed an open letter that was sent on April 12 to... Continue reading
Return to previous page
Category: Cybersecurity Compliance
[ad_1] Security researchers have discovered a new vulnerability affecting command-line tools used in cloud environments. Dubbed “LeakyCLI” by the Orca Security team, the flaw exposes sensitive credentials in logs, posing potential risks to organizations utilizing AWS and Google Cloud platforms. The issue mirrors a previously... Continue reading
[ad_1] A substantial 93% of enterprises admitting to a breach have suffered significant consequences, ranging from unplanned downtime to data exposure or financial loss. This alarming statistic, unveiled by Pentera’s latest research efforts, underscores the escalating challenges organizations face in safeguarding their digital assets against... Continue reading
[ad_1] The Open Source Security (OpenSSF) and OpenJS Foundations have called on open source maintainers to look out for takeover attempts, after spotting multiple social engineering attacks reminiscent of the recent xz Utils campaign. The OpenJS Foundation Cross Project Council claimed in a new blog... Continue reading
[ad_1] Palo Alto Networks has detected targeted assaults exploiting a recently unearthed critical zero-day vulnerability within its PAN-OS software, designated CVE-2024-3400 with a CVSS score of 10.0. This flaw enables unauthorized actors to execute arbitrary code with root privileges on affected firewalls. Identified as Operation... Continue reading
[ad_1] A recent incident in West Africa has once again brought attention to the persistent threat posed by the LockBit ransomware. Cybercriminals, armed with stolen administrator credentials, have deployed a customized variant of the encryption malware equipped with self-propagation capabilities. Exploiting privileged access, they breached... Continue reading
[ad_1] Russia, Ukraine and China harbor the greatest cybercriminal threat, according to the first World Cybercrime Index (WCI). This world-first cybercrime ranking is the result of work by an international team of academic researchers who surveyed 92 leading cybercrime experts and analyzed the results following... Continue reading
[ad_1] Global chipmaker giant Nexperia has revealed it suffered a cyber-attack amid reports that ransomware hackers stole sensitive documents and intellectual property from the company. The Chinese-owned firm, headquartered in the Netherlands, confirmed in a statement on April 12 that “an unauthorized third party” accessed... Continue reading
[ad_1] The first three months of 2024 saw 841 publicly reported “data compromises” – up 90% on the same period last year, according to the Identity Theft Resource Center (ITRC). The non-profit said that although the number of data breaches, exposures and leaks was up... Continue reading
[ad_1] The US Cybersecurity and Infrastructure Security Agency (CISA) has disclosed a breach affecting business analytics provider Sisense and urged its customers to rest their credentials. On April 11, 2024, CISA issued an advisory regarding Sisense customer data being potentially compromised. The agency is “currently... Continue reading