Category: securityweek

Adobe Patches ColdFusion Flaw at High Risk of Exploitation

Adobe has released patches for a high-severity ColdFusion vulnerability for which proof-of-concept (PoC) code exists. The post Adobe Patches ColdFusion Flaw at High Risk of Exploitation appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…

Sophos Patches Critical Firewall Vulnerabilities

Sophos has released patches for a critical-severity firewall vulnerability that could lead to remote code execution. The post Sophos Patches Critical Firewall Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Sophos Patches…

Botnet of 190,000 BadBox-Infected Android Devices Discovered

Bitsight has discovered a BadBox botnet consisting of over 190,000 Android devices, mainly Yandex smart TVs and Hisense smartphones. The post Botnet of 190,000 BadBox-Infected Android Devices Discovered appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…

Cisco to Acquire Threat Detection Company SnapAttack

Cisco has announced its intention to acquire threat detection company SnapAttack to boost Splunk security product capabilities.  The post Cisco to Acquire Threat Detection Company SnapAttack appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…

Fortinet Patches Critical FortiWLM Vulnerability

Fortinet has released patches for a critical-severity path traversal vulnerability in FortiWLM that was reported last year. The post Fortinet Patches Critical FortiWLM Vulnerability appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Fortinet…

SandboxAQ Raises $300 Million at $5.3 Billion Valuation

Alphabet spinoff SandboxAQ has announced raising $300 million in funding at a valuation of $5.3 billion. The post SandboxAQ Raises $300 Million at $5.3 Billion Valuation  appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…

Bureau Raises $30M to Tackle Deepfakes, Payment Fraud

San Francisco startup scores a Series B round to thwart money mule accounts, deep-fake identities, account takeovers and payment fraud. The post Bureau Raises $30M to Tackle Deepfakes, Payment Fraud appeared first on SecurityWeek. This article has been indexed from…

Recorded Future Tagged as ‘Undesirable’ in Russia

The Russian government accuses the Mastercard-owned firm of participating in the collection and analysis of data on the actions of the Russia’s armed forces.  The post Recorded Future Tagged as ‘Undesirable’ in Russia appeared first on SecurityWeek. This article has…

Regional Care Data Breach Impacts 225,000 People

Healthcare insurance firm Regional Care has disclosed a data breach impacting more than 225,000 individuals. The post Regional Care Data Breach Impacts 225,000 People appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Regional…

CISA Issues Binding Operational Directive for Improved Cloud Security

CISA’s Binding Operational Directive 25-01 requires federal agencies to align cloud environments with SCuBA secure configuration baselines. The post CISA Issues Binding Operational Directive for Improved Cloud Security appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…

Hacker Leaks Cisco Data

IntelBroker has leaked 2.9 Gb of data stolen recently from a Cisco DevHub instance, but claims it’s only a fraction of the total.  The post Hacker Leaks Cisco Data appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

FBI Warns of HiatusRAT Attacks on Cameras, DVR Systems

FBI says HiatusRAT’s operators were seen scanning for web cameras and DVR systems affected by years-old vulnerabilities. The post FBI Warns of HiatusRAT Attacks on Cameras, DVR Systems appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…

CISA Warns of Exploited Adobe ColdFusion, Windows Vulnerabilities

CISA has warned organizations that two vulnerabilities affecting Adobe ColdFusion and Windows have been exploited in the wild.  The post CISA Warns of Exploited Adobe ColdFusion, Windows Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…

Major Auto Parts Firm LKQ Hit by Cyberattack

LKQ, a major provider of auto parts, told the SEC that a recent cyberattack caused disruptions at a Canadian business unit. The post Major Auto Parts Firm LKQ Hit by Cyberattack appeared first on SecurityWeek. This article has been indexed…

SRP Federal Credit Union Ransomware Attack Impacts 240,000

SRP Federal Credit Union says the personal information of 240,000 was stolen in a recent cyberattack claimed by a ransomware gang. The post SRP Federal Credit Union Ransomware Attack Impacts 240,000 appeared first on SecurityWeek. This article has been indexed…

900,000 People Impacted by ConnectOnCall Data Breach

ConnectOnCall has disclosed a data breach impacting the personal information of more than 900,000 individuals. The post 900,000 People Impacted by ConnectOnCall Data Breach appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: 900,000…

Keepit Raises $50 Million for SaaS Data Protection Solution

Denmark-based data protection company Keepit has raised $50 million, which brings the total investment to $90 million. The post Keepit Raises $50 Million for SaaS Data Protection Solution appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…

Rydox Cybercrime Marketplace Disrupted, Administrators Arrested

The US announced the takedown of Rydox, a marketplace for stolen personal information, and the arrest of three administrators. The post Rydox Cybercrime Marketplace Disrupted, Administrators Arrested appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…

Germany Sinkholes Botnet of 30,000 BadBox-Infected Devices

Germany’s cybersecurity agency BSI has sinkholed a botnet of 30,000 devices shipped with BadBox malware pre-installed. The post Germany Sinkholes Botnet of 30,000 BadBox-Infected Devices appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…

Phishing: The Silent Precursor to Data Breaches

Phishing is more than a mere nuisance—it is a formidable precursor to destructive data breaches. The post Phishing: The Silent Precursor to Data Breaches appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Phishing:…

Sublime Snags $60M Series B for Email Security Tech

Sublime said the new capital was provided by IVP, Citi Ventures, Index Ventures, Decibel Partners, and Slow Ventures and brings the total raised to $93.8 million. The post Sublime Snags $60M Series B for Email Security Tech appeared first on…

Microsoft MFA Bypassed via AuthQuake Attack

Oasis Security has disclosed AuthQuake, a method for bypassing Microsoft MFA within an hour without user interaction. The post Microsoft MFA Bypassed via AuthQuake Attack  appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…

27 DDoS Attack Services Taken Down by Law Enforcement

Law enforcement agencies in 15 countries cooperated in taking down 27 websites selling DDoS-for-hire services. The post 27 DDoS Attack Services Taken Down by Law Enforcement appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…

Apple Pushes Major iOS, macOS Security Updates

Cupertino ships iOS 18.2 and macOS Sequoia 15.2 patches to fix data leakage, sandbox escapes and code exection vulnerabilities. The post Apple Pushes Major iOS, macOS Security Updates appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…

Google Pays $55,000 for High-Severity Chrome Browser Bug

Google pushes out major Chrome browser updates to fix multiple serious security defects. The post Google Pays $55,000 for High-Severity Chrome Browser Bug appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Google Pays…

Atlassian, Splunk Patch High-Severity Vulnerabilities

Atlassian and Splunk on Tuesday announced patches for over two dozen vulnerabilities, including high-severity flaws. The post Atlassian, Splunk Patch High-Severity Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Atlassian, Splunk Patch…

446,000 Impacted by Center for Vein Restoration Data Breach

Center for Vein Restoration discloses data breach impacting the personal, medical, and financial information of 446,000 individuals. The post 446,000 Impacted by Center for Vein Restoration Data Breach appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…

Adobe Patches Over 160 Vulnerabilities Across 16 Products

Adobe has patched over 160 vulnerabilities across over a dozen products, including Reader, Illustrator, Photoshop and Connect. The post Adobe Patches Over 160 Vulnerabilities Across 16 Products appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…

SAP Patches Critical Vulnerability in NetWeaver

SAP has released patches for 16 vulnerabilities, including a critical-severity SSRF bug in NetWeaver (Adobe Document Services). The post SAP Patches Critical Vulnerability in NetWeaver appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…

Microsoft Rolls Out Default NTLM Relay Attack Mitigations

Microsoft has rolled out new default security protections that mitigate NTLM relaying attacks across on-premises Exchange, AD CS, and LDAP services. The post Microsoft Rolls Out Default NTLM Relay Attack Mitigations appeared first on SecurityWeek. This article has been indexed…

QNAP Patches Vulnerabilities Exploited at Pwn2Own

QNAP has released patches for multiple high-severity QTS and QuTS Hero vulnerabilities disclosed at the Pwn2Own Ireland 2024 hacking contest. The post QNAP Patches Vulnerabilities Exploited at Pwn2Own appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…

Eight Suspected Phishers Arrested in Belgium, Netherlands

Belgian and Dutch authorities arrested eight individuals for their alleged involvement in phishing, online scams, and money laundering operations. The post Eight Suspected Phishers Arrested in Belgium, Netherlands appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…

Anna Jaques Hospital Data Breach Impacts 316,000 People

Anna Jaques Hospital says the personal information of over 316,000 individuals was compromised in a year-old data breach. The post Anna Jaques Hospital Data Breach Impacts 316,000 People appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…

SonicWall Patches 6 Vulnerabilities in Secure Access Gateway

SonicWall has released patches for multiple high-severity flaws in the SMA100 SSL-VPN secure access gateway. The post SonicWall Patches 6 Vulnerabilities in Secure Access Gateway appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…

Critical Vulnerability Discovered in SailPoint IdentityIQ

A critical directory traversal vulnerability in the SailPoint IdentityIQ IAM platform exposes restricted files to attackers. The post Critical Vulnerability Discovered in SailPoint IdentityIQ appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Critical…

‘DroidBot’ Android Trojan Targets Banking, Cryptocurrency Applications

The newly discovered DroidBot Android trojan targets 77 banks, cryptocurrency exchanges, and national organizations. The post ‘DroidBot’ Android Trojan Targets Banking, Cryptocurrency Applications appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: ‘DroidBot’ Android…