An attack dubbed “WordDrone” that uses an old flaw to install a backdoor could be related to previously reported cyber incidents against Taiwan’s military and satellite industrial supply chain. Go to Source Author: Elizabeth Montalbano, Contributing Writer
Category Archives: Uncategorized
Imagine a world where you never have to remember another password. Seems like a dream come true for both end users and IT teams, right? But as the old saying goes, “If it sounds too good to be true, it probably is.” If your organization is like many, you may be contemplating a move to […]
Cybersecurity researchers have uncovered a new set of malicious Python packages that target software developers under the guise of coding assessments. “The new samples were tracked to GitHub projects that have been linked to previous, targeted attacks in which developers are lured using fake job interviews,” ReversingLabs researcher Karlo Zanki said. The activity has been […]
Microsoft on Tuesday disclosed that three new security flaws impacting the Windows platform have come under active exploitation as part of its Patch Tuesday update for September 2024. The monthly security release addresses a total of 79 vulnerabilities, of which seven are rated Critical, 71 are rated Important, and one is rated Moderate in severity. […]
Ivanti has released software updates to address multiple security flaws impacting Endpoint Manager (EPM), including 10 critical vulnerabilities that could result in remote code execution. A brief description of the issues is as follows – CVE-2024-29847 (CVSS score: 10.0) – A deserialization of untrusted data vulnerability that allows a remote unauthenticated attacker to achieve code […]
As attacks on satellites rise with nation-state conflicts, the South Asian nation joins other space-capable countries in doubling down on cybersecurity. Go to Source Author: Robert Lemos, Contributing Writer
This month’s Patch Tuesday contains a total of 79 vulnerabilities — the fourth largest of the year. Go to Source Author: Jai Vijayan, Contributing Writer
In this case study, a 180-year-old life and pension insurer brought its security infrastructure into the modern age. Go to Source Author: Karen D. Schwartz, Contributing Writer
Besides operational issues connected to a talent shortage, the cost of running security platforms — and their training costs — also keeps CISOs up at night. Go to Source Author: Kristina Beek, Associate Editor, Dark Reading
The threat actor known as CosmicBeetle has debuted a new custom ransomware strain called ScRansom in attacks targeting small- and medium-sized businesses (SMBs) in Europe, Asia, Africa, and South America, while also likely working as an affiliate for RansomHub. “CosmicBeetle replaced its previously deployed ransomware, Scarab, with ScRansom, which is continually improved,” ESET researcher Jakub […]