Security
Headlines
HeadlinesLatestCVEs

Source

DARKReading

Stolen Data Gives Attackers Advantage Against Text-Based 2FA

With names, email addresses, and mobile numbers from underground databases, one person in five is at risk of account compromise even with SMS two-factor authentication in place.

DARKReading
#web#ios#android#google#auth#ssl
Fresh RapperBot Malware Variant Brute-Forces Its Way Into SSH Servers

Over the past few weeks, a Mirai variant appears to have made a pivot from infecting new servers to maintaining remote access.

How to Resolve Permission Issues in CI/CD Pipelines

This Tech Tip outlines how DevOps teams can address security integration issues in their CI/CD pipelines.

A Digital Home Has Many Open Doors

Development of digital gateways to protect the places where we live, work, and converse need to be secure and many doors need to offer restricted access.

Cyberattackers Increasingly Target Cloud IAM as a Weak Link

At Black Hat USA, Igal Gofman plans to address how machine identities in the cloud and the explosion of SaaS apps are creating risks for IAM, amid escalating attention from attackers.

Amazon, IBM Move Swiftly on Post-Quantum Cryptographic Algorithms Selected by NIST

A month after the algorithms were revealed, some companies have already begun incorporating the future standards into their products and services.

Time to Patch VMware Products Against a Critical New Vulnerability

A dangerous VMware authentication-bypass bug could give threat actors administrative access over virtual machines.

High-Severity Bug in Kaspersky VPN Client Opens Door to PC Takeover

The CVE-2022-27535 local privilege-escalation security vulnerability in the security software threatens remote and work-from-home users.

How Email Security Is Evolving

Securing email communication has never been more critical for organizations, and it has never been more challenging to do so. Attack volumes have increased and become more sophisticated.

Massive China-Linked Disinformation Campaign Taps PR Firm for Help

A global network of inauthentic news sites present themselves as independent news outlets, offering content favoring China's government and articles critical of the US.