Linux variant of the SideWalk backdoor discovered
ESET researchers have discovered a Linux variant of the SideWalk backdoor, one of the multiple custom implants used by the SparklingGoblin APT group. Commands with different …
Q-Day doesn’t equal doomsday: Enacting an enterprise quantum security strategy
While Quantum Day, or “Q-Day,” may be five to ten years away, it is arriving faster than we would like. Q-Day represents the day that quantum computers will reliably use the …
SMBs are hardest-hit by ransomware
Coalition announced the mid-year update to its 2022 Cyber Claims Report detailing the evolution of cyber trends, revealinig that small businesses have become bigger targets, …
Backlogs larger than 100K+ vulnerabilities but too time-consuming to address
Rezilion and Ponemon Institute announced the release of “The State of Vulnerability Management in DevSecOps,” which reveals that organizations are losing thousands of hours in …
Attackers mount Magento supply chain attack by compromising FishPig extensions
FishPig, a UK-based company developing extensions for the popular Magento open-source e-commerce platform, has announced that its paid software offerings have been injected …
Phishers take aim at Facebook page owners
Phishers are looking to trick owners of Facebook pages with fake notices from the social network (i.e., Meta, the company behind Facebook, Instagram and WhatsApp), in an …
Thwarting attackers in their favorite new playground: Social media
For years, LinkedIn has been utilized by threat actors looking to refine their attacks. From simple spear-phishing attacks to reconnaissance, the professional networking site …
What’s challenging development teams amid their race to the cloud?
Couchbase announced findings from industry research examining the challenges faced by development teams amid the race to the cloud and to execute on digital transformation …
CFOs’ overconfidence in cybersecurity can cost millions
Kroll announced its report Cyber Risk and CFOs: Over-Confidence is Costly which found chief financial officers (CFOs) to be woefully in the dark regarding cybersecurity, …
Microsoft fixes exploited zero-day in the Windows CLFS Driver (CVE-2022-37969)
September 2022 Patch Tuesday is here, with fixes for 64 CVE-numbered vulnerabilities in various Microsoft products, including one zero-day (CVE-2022-37969) exploited by …
U-Haul reports data breach, customers’ info exposed
U.S. moving and storage rental company U-Haul has suffered a data breach due to an unauthorized person having accessed an unspecified number of rental contracts, …
Apple fixes actively exploited zero-day in macOS, iOS (CVE-2022-32917)
Apple has fixed a slew of vulnerabilities in macOS, iOS, and iPadOS, including a zero-day kernel vulnerability (CVE-2022-32917) exploited by attackers in the wild. About …
Featured news
Resources
Don't miss
- Popular code formatting sites are exposing credentials and other secrets
- Fake “Windows Update” screens fuels new wave of ClickFix attacks
- Microsoft cracks down on malicious meeting invites
- How an AI meltdown could reset enterprise expectations
- The breaches everyone gets hit by (and how to stop them)