Please turn on your JavaScript for this page to function normally.
cybersecurity week in review
Week in review: Google fixes yet another Chrome zero-day exploit, YouTube as a cybercrime channel

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Google fixes yet another Chrome zero-day exploited in the wild …

cyber threat
US retailers under attack by gift card-thieving cyber gang

Earlier this month, the FBI published a private industry notification about Storm-0539 (aka Atlas Lion), a Morocco-based cyber criminal group that specializes in compromising …

Google Chrome
Google fixes yet another Chrome zero-day exploited in the wild (CVE-2024-5274)

For the eighth time this year, Google has released an emergency update for its Chrome browser that fixes a zero-day vulnerability (CVE-2024-5274) with an in-the-wild exploit. …

Surfshark Alert
Product showcase: Alert – Data breach detector for your email, credit card, and ID

Compared to the last quarter of 2023, data breaches rose from 81M to 435M in Q1 2024. That’s a 5-fold increase in just a few months. One of the most common ways data breaches …

fail2ban
Fail2Ban: Ban hosts that cause multiple authentication errors

Fail2Ban is an open-source tool that monitors log files, such as /var/log/auth.log, and blocks IP addresses that exhibit repeated failed login attempts. It does this by …

cybersecurity regulations
Despite increased budgets, organizations struggle with compliance

Only 40% of organizations feel fully prepared to meet the compliance demands of rising cybersecurity regulations, according to a new Swimlane report. Organizations still feel …

cyber risks
Worried about job security, cyber teams hide security incidents

The frequency and severity of cyberattacks are increasing—yet most businesses remain unprepared, according to VikingCloud. Between a growing talent shortage, alert fatigue, …

insider threat
Effective GRC programs rely on team collaboration

One in three organizations are not currently able to proactively identify, assess, and mitigate risk with their GRC program, nor are they able to ensure compliance with …

Infosec products of the week
New infosec products of the week: May 24, 2024

Here’s a look at the most interesting products from the past week, featuring releases from CyberArk, OneTrust, PlexTrac, and Strike Graph. CyberArk CORA AI accelerates …

malware
Compromised courtroom recording software was served from vendor’s official site

Courtroom recording software JAVS Viewer has been saddled with loader malware and has been served from the developer’s site since at least April 2, a threat researcher …

GitHub
GitHub fixes maximum severity Enterprise Server auth bypass bug (CVE-2024-4985)

A critical, 10-out-of-10 vulnerability (CVE-2024-4985) allowing unrestricted access to vulnerable GitHub Enterprise Server (GHES) instances has been fixed by Microsoft-owned …

healthcare
HHS pledges $50M for autonomous vulnerability management solution for hospitals

As organizations in the healthcare sector continue to be a prime target for ransomware gangs and CISA warns about a vulnerability (CVE-2023-43208) in a healthcare-specific …

Don't miss

Cybersecurity news