Security
Headlines
HeadlinesLatestCVEs

Source

DARKReading

The (Nation) State of Cyber: 64% of Businesses Suspect They've Been Targeted or Impacted by Nation-State Attacks

According to new Venafi research, two-thirds of organizations have changed cyber strategy in response to war in Ukraine.

DARKReading
#mac#git#kubernetes#intel#backdoor#auth#sap
What You Need to Know About the Psychology Behind Cyber Resilience

Understanding how and why people respond to cyber threats is key to building cyber-workforce resilience.

Penetration Testing Market Worth $2.7B By 2027: MarketsandMarkets(TM) Report

Increase driven by increasingly sophisticated cyberattacks as well as increase in mobile-based business-critical applications, according to report.

Optiv's Annual $40K Scholarship for Black, African-American-Identifying STEM Students Now Open for Applicants

Optiv's Black Employee Network offers the scholarship, paid out over 4 years, for students seeking a career in the cybersecurity/information security industry.

Thousands of Organizations Remain at Risk From Critical Zero-Click IP Camera Bug

The US Cybersecurity and Infrastructure Security Agency had wanted federal agencies to implement the fix for the RCE flaw in Hikvision cameras by Jan. 24, 2022.

New Exterro FTK Update Accelerates Mobile Digital Forensics

The FTK 7.6 portfolio promises better integration with other security and network resources, as well as unified analysis of mobile and computer evidence.

CISA: Just-Disclosed Palo Alto Networks Firewall Bug Under Active Exploit

The bug tracked as CVE-2022-0028 allows attackers to hijack firewalls without authentication, in order to mount DDoS hits on their targets of choice.

Efficient 'MagicWeb' Malware Subverts AD FS Authentication, Microsoft Warns

The Russia-backed Nobelium APT has pioneered a post-exploitation tool allowing attackers to authenticate as any user.

Ransomware Gang Demands $10M in Attack on French Hospital

Center Hospitalier Sud Francilien (CHSF), a hospital outside of Paris, has redirected incoming patients to other medical facilities in the wake of a ransomware attack that began on Aug. 21.

VMware LPE Bug Allows Cyberattackers to Feast on Virtual Machine Data

An insider threat or remote attacker with initial access could exploit CVE-2022-31676 to steal sensitive data and scoop up user credentials for follow-on attacks.