Category: Cyware News – Latest Cyber News

Authelia is an open-source authentication and authorization server that offers 2FA and SSO for applications through a web portal. It works alongside reverse proxies to permit, deny, or redirect requests. This article has been indexed from Cyware News – Latest…

Read more →

Over 100 medical associations and industry groups, representing thousands of U.S. doctors and healthcare professionals, have urged the HHS to hold Change Healthcare accountable for breach notifications following a massive February ransomware attack. This article has been indexed from Cyware…

Read more →

To enable E2EE, all meeting participants must join from the Zoom desktop or mobile app. While those hosting a meeting on a free account can use E2EE, they will still need to verify their phone number via an SMS-delivered code.…

Read more →

?Veeam warned customers today to patch a critical security vulnerability that allows unauthenticated attackers to sign into any account via the Veeam Backup Enterprise Manager (VBEM). This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

The Open Source Security Foundation (OpenSSF) announced a new email mailing list named Siren that aims to spread threat intelligence related to open-source projects. It will be publicly viewable and will only require registration to post on the list. This…

Read more →

An extensive security audit of QNAP QTS, the operating system for the company’s NAS products, has uncovered fifteen vulnerabilities of varying severity, with eleven remaining unfixed. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

Void Manticore utilizes five different methods to conduct disruptive operations against its victims. This includes several custom wipers for both Windows and Linux, alongside manual deletion of files and shared drives. This article has been indexed from Cyware News –…

Read more →

Germany is considering banning the use of Huawei and ZTE equipment in its 5G networks due to national security concerns, despite industry opposition and the potential high costs associated with the removal of the Chinese-made technology. This article has been…

Read more →

The Jumio 2024 Online Identity Study reveals that while consumers are increasingly concerned about the risks posed by deepfakes and generative AI, they continue to overestimate their ability to detect these deceptions. This article has been indexed from Cyware News…

Read more →

The CISA has required federal agencies to update to a patched version of Mirth Connect (version 4.4.1 or later) by June 10, 2024, to secure their networks against active threats. This article has been indexed from Cyware News – Latest…

Read more →

Cybersecurity researchers have discovered a critical vulnerability, dubbed “Linguistic Lumberjack,” in the popular logging and metrics utility Fluent Bit that could allow for denial-of-service (DoS), information disclosure, or remote code execution. This article has been indexed from Cyware News –…

Read more →

Researchers at Genians Security Center (GSC) identified the North Korea-linked Kimsuky APT group targeting victims via Facebook Messenger, using fake accounts posing as South Korean officials to deliver malware. This article has been indexed from Cyware News – Latest Cyber…

Read more →

An attorney discovered that the mobile ads she saw were reflecting her recent library audiobook borrowing habits, raising concerns about the privacy of library patron data and the potential for targeted advertising based on that information. This article has been…

Read more →

Cybercriminals’ new tactics led to a 64% increase in ransomware claims in 2023, driven by a 415% rise in “indirect” incidents and remote access vulnerabilities, pressuring more victims to pay ransoms, according to At-Bay. This article has been indexed from…

Read more →

Researchers at Horizon3.ai discovered a critical remote code execution vulnerability (CVE-2023-34992) in Fortinet FortiSIEM, allowing unauthenticated attackers to execute commands as root users and gain access to sensitive information. This article has been indexed from Cyware News – Latest Cyber…

Read more →

The acquisition will allow CyberArk to expand its capabilities in securing machine-to-machine communications and address the growing attack surface in the cloud-first, AI-driven, and post-quantum world. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

Insikt Group uncovered a sophisticated campaign led by Russian-speaking actors who used GitHub profiles to spoof legitimate software apps and distribute various malware, including Atomic macOS Stealer (AMOS) and Vidar. This article has been indexed from Cyware News – Latest…

Read more →

Two Chinese nationals have been indicted for their alleged involvement in a multimillion-dollar “pig butchering” investment fraud scheme, where they laundered over $73 million through US financial institutions and cryptocurrency wallets. This article has been indexed from Cyware News –…

Read more →

The enterprise attack surface is rapidly expanding due to the convergence of IT and OT systems, leading to a large number of ICS assets being exposed to the public internet and creating new vulnerabilities that security teams struggle to manage.…

Read more →

The SEC has approved new regulations that require broker-dealers and investment firms to notify their clients within 30 days of detecting a data breach, in an effort to modernize and enhance the protection of consumers’ financial data. This article has…

Read more →