Zeljka Zorz
A critical vulnerability in Delinea Secret Server allows auth bypass, admin access
Organizations with on-prem installations of Delinea Secret Server are urged to update them immediately, to plug a critical vulnerability that may allow attackers to bypass …
CVE-2024-3400 exploited: Unit 42, Volexity share more details about the attacks
UPDATE: April 17, 05:50 AM ET New story: Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation Earlier today, Palo Alto Networks revealed that a …
Palo Alto Networks firewalls under attack, hotfixes incoming! (CVE-2024-3400)
UPDATE: April 17, 05:50 AM ET New story: Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation UPDATE (April 12, 2024, 03:10 p.m. ET): New story: …
CISA warns about Sisense data breach
Business intelligence / data analytics software vendor Sisense has apparently suffered a data breach that spurred the company and the US Cybersecurity and Infrastructure …
Ransomware group maturity should influence ransom payment decision
Your organization has been hit by ransomware and a decision has to be made on whether or not to make the ransom payment to get your data decrypted, deleted from …
New covert SharePoint data exfiltration techniques revealed
Varonis Threat Labs researchers have uncovered two techniques attackers can use can use for covert data and file exfiltration from companies’ SharePoint server. …
IT pros targeted with malicious Google ads for PuTTY, FileZilla
An ongoing malvertising campaign is targeting IT administrators looking to download system utilities such as PuTTY (a free SSH and Telnet client) and FileZilla (a free …
WEF Cybercrime Atlas: Researchers are creating new insights to fight cybercrime
In early 2023, the World Economic Forum (WEF) launched Cybercrime Atlas, with the intent to map the cybercriminal ecosystem by facilitating collaboration between private and …
Microsoft patches two actively exploited zero-days (CVE-2024-29988, CVE-2024-26234)
On this April 2024 Patch Tuesday, Microsoft has fixed a record 147 CVE-numbered vulnerabilities, including CVE-2024-29988, a vulnerability that Microsoft hasn’t marked …
LG smart TVs may be taken over by remote attackers
Bitdefender researchers have uncovered four vulnerabilities in webOS, the operating system running on LG smart TVs, which may offer attackers unrestricted (root) access to the …
New Google Workspace feature prevents sensitive security changes if two admins don’t approve them
Google is rolling out multi-party approvals for Google Workspace customers with multiple super admin accounts, the company has announced. What does the feature do? Google …
New Latrodectus loader steps in for Qbot
New (down)loader malware called Latrodectus is being leveraged by initial access brokers and it looks like it might have been written by the same developers who created the …
Featured news
Sponsored
Don't miss
- Applying DevSecOps principles to machine learning workloads
- Overcoming GenAI challenges in healthcare cybersecurity
- 25 cybersecurity AI stats you should know
- Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359)
- PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389)