News
P-to-P fraud most concerning cyber threat in 2023: CSI
Peer-to-peer fraud and other digital fraud constituted more than 29% of bankers categorizing it as the most worrying cyber threat in 2023, according to CSI.
ServiceNow to detect open source security vulnerabilities with Snyk integration
ServiceNow Vulnerability Response users will now have access to Snyk’s product that scans open source code during the development process.
Skyhawk launches platform to provide threat detection and response across multi-cloud environments
Skyhawk says the Synthesis CDR platform employs machine learning aimed at eliminating alert fatigue with runtime protection of cloud infrastructure.
Australia fronts International Counter Ransomware Taskforce
The taskforce is a result of the International Counter Ransomware Initiative initially led by the US government and now counts on 37 members globally, including the European Union.
Nvidia targets insider attacks with digital fingerprinting technology
A new AI-based system from Nvidia sniffs out unusual behavior and ties it to users, in an effort to prevent insider attacks and protect digital credentials.
Attackers exploiting critical flaw in many Zoho ManageEngine products
The ManageEngine vulnerability is easy to exploit and enables remote code execution. Patches are available.
Wallarm touts API leak protection with new scanning feature
API protection vendor Wallarm now features scanning and automated remediation for API compromises.
T-Mobile suffers 8th data breach in less than 5 years
Customer data such as customer name, billing address, email, phone number, date of birth, T-Mobile account number and information such as the number of lines on the account and plan features were exposed in the breach.
Many ICS flaws remain unpatched as attacks against critical infrastructure rise
More than a third of ICS device vulnerabilities have no patch available at a time when ICS environments face threats from new cybercrime groups.
Chinese hackers targeted Iranian government entities for months: Report
The networks of four Iranian government organizations including Iran’s Ministry of Foreign Affairs, have likely been compromised.
QuSecure launches quantum-computing based security for endpoints
Quantum-based security with what’s advertised as “frictionless” deployment is now available from QuSecure.
Trustwave relaunches Advanced Continual Threat Hunting with human-led methodology
Cybersecurity vendor says enhancement allows for increased human-led threat hunting to uncover more behavior-based findings associated with specific threat actors.
Perception Point launches Advanced Threat Protection for Zendesk
Perception Point says new platform has been built to help protect vulnerable help desks and customer support teams from external threats such as malicious content within tickets.
Remote.it takes steps toward zero trust with 'single line of code' provisioning
New integration with Okta, containerization support and a tagging system are all present in the latest version of Remote.it’s network management platform.
How attackers might use GitHub Codespaces to hide malware delivery
A feature that allows developers to make applications accessible by a public GitHub URL could enable attackers to deliver malware and avoid detection.
DigiCert releases Trust Lifecycle Manager to unify certificate management, PKI services
Digital security certificate firm says product sets a new standard for managing digital trust and reduces an organization’s attack surface to help prevent data breaches.
European data protection authorities issue record €1.65 billion in GDPR fines
DLA Piper’s GDPR and Data Breach survey shows a 50% increase in fines in the last 12 months. Data protection authorities turning their focus to artificial intelligence.
US Maritime Administrator to study port crane cybersecurity concerns
Recently passed legislation might have been spurred by supply chain disruption and surveillance concerns enabled by Chinese-made cranes.
Attackers deploy sophisticated Linux implant on Fortinet network security devices
The exploit allows attackers to remotely execute arbitrary code and commands without authentication.
Royal ransomware group actively exploiting Citrix vulnerability
At-Bay cyber research team believes the Royal ransomware group is actively exploiting critical Citrix system security flaw CVE-2022-27510.
BrandPosts
Learn more-
Sponsored by Microsoft Security
-
Sponsored by Cisco
-
Sponsored by Palo Alto Networks