New infosec products of the week: October 6, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Cloaked, ComplyCube, LogicMonitor, ManageEngine, Nutanix, and Veriff. Veriff unveils …
Poor cybersecurity habits are common among younger employees
One in three employees believe their actions do not impact their organization’s security, according to Ivanti. Unsafe cybersecurity habits among office workers The research …
Enterprises see AI as a worthwhile investment
92% of AI team leaders at leading-edge organizations felt that their AI initiatives are generating value, according to Wallaroo.AI. Having found a successful formula, most of …
“Looney Tunables” bug allows root access on Linux distros (CVE-2023-4911)
A vulnerability (CVE-2023-4911) in the GNU C Library (aka “glibc”) can be exploited by attackers to gain root privileges on many popular Linux distributions, …
Apple patches another iOS zero-day under attack (CVE-2023-42824)
Apple has released a security update for iOS and iPadOS to fix another zero-day vulnerability (CVE-2023-42824) exploited in the wild. About CVE-2023-42824 CVE-2023-42824 is a …
Critical Atlassian Confluence zero-day exploited by attackers (CVE-2023-22515)
Atlassian has fixed a critical zero-day vulnerability (CVE-2023-22515) in Confluence Data Center and Server that is being exploited in the wild. “Atlassian has been made …
Eyes everywhere: How to safely navigate the IoT video revolution
Cameras are coming to a connected device near you. Cheap image sensors from old mobile phones are flooding the market and bringing video to the Internet of Things (IoT). …
LLMs lower the barrier for entry into cybercrime
Cybercriminals employ evolving attack methodologies designed to breach traditional perimeter security, including secure email gateways, according to Egress. “Without a doubt …
Soft skills continue to challenge the cybersecurity sector
New cybersecurity findings pinpoint areas where cybersecurity experts are lacking, with interpersonal skills, cloud computing, and security measures standing out as the most …
The root cause of open-source risk
2023 saw twice as many software supply chain attacks as 2019-2022 combined. Sonatype logged 245,032 malicious packages in 2023. One in eight open-source downloads today poses …
Backdoored Android phones, TVs used for ad fraud – and worse!
A key monetization mechanism of a sophisticated series of cybercriminal operations involving backdoored off-brand mobile and CTV Android devices has been disrupted, Human …
Qualcomm patches 3 actively exploited zero-days
Qualcomm has fixed three actively exploited vulnerabilities (CVE-2023-33106, CVE-2023-33107, CVE-2023-33063) in its Adreno GPU and Compute DSP drivers. Vulnerabilities …