Category: Uncategorized
-
Top API risks and how to mitigate them
Post ContentRead More
-
GeoServer Vulnerability Targeted by Hackers to Deliver Backdoors and Botnet Malware [email protected] (The Hacker News)
A recently disclosed security flaw in OSGeo GeoServer GeoTools has been exploited as part of multiple campaigns to deliver cryptocurrency miners, botnet malware such as Condi and JenX, and a known backdoor called SideWalk. The security vulnerability is a critical remote code execution bug (CVE-2024-36401, CVSS score: 9.8) that could allow malicious actors to take…
-
GitHub Actions Vulnerable to Typosquatting, Exposing Developers to Hidden Malicious Code [email protected] (The Hacker News)
Threat actors have long leveraged typosquatting as a means to trick unsuspecting users into visiting malicious websites or downloading booby-trapped software and packages. These attacks typically involve registering domains or packages with names slightly altered from their legitimate counterparts (e.g., goog1e.com vs. google.com). Adversaries targeting open-source repositories acrossRead More
-
Recent SonicWall Firewall Vulnerability Potentially Exploited in the Wild Eduard Kovacs
SonicWall is warning customers that the recently patched critical vulnerability CVE-2024-40766 may be exploited in the wild. The post Recent SonicWall Firewall Vulnerability Potentially Exploited in the Wild appeared first on SecurityWeek. Read More
-
In Other News: US Army Hacks Buildings, X Hiring Cybersecurity Staff, Bitcoin ATM Scams SecurityWeek News
Noteworthy stories that might have slipped under the radar: US Special Forces can hack buildings, X is hiring cybersecurity staff, and FTC warns of Bitcoin ATM scams. The post In Other News: US Army Hacks Buildings, X Hiring Cybersecurity Staff, Bitcoin ATM Scams appeared first on SecurityWeek. Read More
-
What is identity threat detection and response (ITDR)?
Post ContentRead More
-
Apache Makes Another Attempt at Patching Exploited RCE in OFBiz Ionut Arghire
The latest Apache OFBiz update patches CVE-2024-45195, a bypass of a recently disclosed remote code execution bug exploited in attacks. The post Apache Makes Another Attempt at Patching Exploited RCE in OFBiz appeared first on SecurityWeek. Read More
-
Cybersecurity M&A Roundup: 36 Deals Announced in August 2024 Eduard Kovacs
Roundup of the three dozen cybersecurity-related merger and acquisition (M&A) deals announced in August 2024. The post Cybersecurity M&A Roundup: 36 Deals Announced in August 2024 appeared first on SecurityWeek. Read More
-
Ransomware rocked healthcare, public services in August
Post ContentRead More
-
Veeam Patches Critical Vulnerabilities in Enterprise Products Ionut Arghire
Veeam has released patches for critical-severity vulnerabilities in Backup & Replication, ONE, and Service Provider Console. The post Veeam Patches Critical Vulnerabilities in Enterprise Products appeared first on SecurityWeek. Read More