?Feb 14, 2024?NewsroomPatch Tuesday / Vulnerability Microsoft has released patches to address 73 security flaws spanning its software lineup as part of its Patch Tuesday updates for February 2024, including two zero-days that have come…
?Feb 13, 2024?NewsroomCryptocurrency / Rootkit The Glupteba botnet has been found to incorporate a previously undocumented Unified Extensible Firmware Interface (UEFI) bootkit feature, adding another layer of sophistication and stealth to the malware. “This bootkit…
?Feb 13, 2024?NewsroomCyber Threat / Malware The threat actors behind the PikaBot malware have made significant changes to the malware in what has been described as a case of “devolution.” “Although it appears to be…
?Feb 13, 2024?The Hacker NewsSaaS Security / Data Breach The Midnight Blizzard and Cloudflare-Atlassian cybersecurity incidents raised alarms about the vulnerabilities inherent in major SaaS platforms. These incidents illustrate the stakes involved in SaaS breaches…
?Feb 13, 2024?NewsroomVulnerability / Cyber Threat Threat actors are leveraging a recently disclosed security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy a backdoor codenamed DSLog on susceptible devices. That’s according…
?Feb 13, 2024?NewsroomVulnerability / Email Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a medium-severity security flaw impacting Roundcube email software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence…
?Feb 12, 2024?NewsroomVulnerability / Data Recovery Cybersecurity researchers have uncovered an “implementation vulnerability” that has made it possible to reconstruct encryption keys and decrypt data locked by Rhysida ransomware. The findings were published last week…
?Feb 12, 2024?The Hacker NewsCyber Threat / Password Security When it comes to access security, one recommendation stands out above the rest: multi-factor authentication (MFA). With passwords alone being simple work for hackers, MFA provides…
?Feb 12, 2024?The Hacker NewsInfrastructure Security / Software Supply Chain The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced that it’s partnering with the Open Source Security Foundation (OpenSSF) Securing Software Repositories Working Group to…
Incident response (IR) is a race against time. You engage your internal or external team because there’s enough evidence that something bad is happening, but you’re still blind to the scope, the impact, and the…