In August 2024, the website of Master Chris Leong "a leading Tit Tar practitioner in Malaysia" suffered a data breach. The incident exposed 27k unique email addresses along with names, physical addresses, dates of birth, genders, nationalities and in many…
Category: EN
Why Badge’s device independent MFA is core to the future of identity security
Badge’s device-independent MFA allows users to enroll once on any device and authenticate seamlessly across all their devices. This article has been indexed from Security News | VentureBeat Read the original article: Why Badge’s device independent MFA is core to…
Six 0-Days Lead Microsoft’s August 2024 Patch Push
Microsoft today released updates to fix at least 90 security vulnerabilities in Windows and related software, including a whopping six zero-day flaws that are already being actively exploited by attackers. This article has been indexed from Krebs on Security Read…
LDLC – 1,266,026 breached accounts
In March 2024, French retailer LDLC disclosed a data breach that impacted customers of their physical stores. The data was previously listed for sale on a popular hacking forum and contained 1.26M unique email addresses along with names, phone numbers…
Cloud infrastructure entitlement management in AWS
Customers use Amazon Web Services (AWS) to securely build, deploy, and scale their applications. As your organization grows, you want to streamline permissions management towards least privilege for your identities and resources. At AWS, we see two customer personas working…
Back to school: Managing your high schooler’s digital milestones
Just as you wouldn’t put your kid in a car at age 16 and say, “Drive, kid!” without ever talking to them about how to drive—and why speeding or driving intoxicated or looking at your phone while driving is dangerous—you…
Six ransomware gangs behind over 50% of 2024 attacks
Plus many more newbies waiting in the wings Despite a law enforcement takedown six months ago, LockBit 3.0 remains the most prolific encryption and extortion gang, at least so far, this year, according to Palo Alto Networks’ Unit 42.… This…
FBI Disrupts Operations of the Dispossessor Ransomware Group
The FBI and law enforcement agencies from the UK and Germany seized servers and domains belonging to the Dispossessor ransomware gang, which had emerged into the spotlight following a similar operation against the notorious LockBit gang in February. The post…
Microsoft fixes 6 zero-days under active attack
August 2024 Patch Tuesday is here, and Microsoft has delivered fixes for 90 vulnerabilities, six of which have been exploited in the wild as zero-days, and four are publicly known. The zero-days under attack CVE-2024-38178 is a Scripting Engine Memory…
Microsoft August 2024 Patch Tuesday, (Tue, Aug 13th)
This month we got patches for 186 vulnerabilities. Of these, 9 are critical, and 9 are zero-days (3 previously disclosed, and 6 are already being exploited). This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the…
16 Women in Cybersecurity Who Are Reshaping the Industry [2024]
Women make up 20% to 25% of cybersecurity professionals. While this is an improvement from a mere 11% since 2017, historical obstacles remain for women… The post 16 Women in Cybersecurity Who Are Reshaping the Industry [2024] appeared first on…
What the Delta-Crowdstrike lawsuit may mean for IT contracts
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Security Resources and Information from TechTarget Read the original article: What the Delta-Crowdstrike lawsuit may mean for…
Microsoft Warns of Six Windows Zero-Days Being Actively Exploited
Microsoft’s security response team pushed out documentation for almost 90 vulnerabilities across Windows and OS components and marked several flaws in the actively exploited category. The post Microsoft Warns of Six Windows Zero-Days Being Actively Exploited appeared first on SecurityWeek.…
Gartner® Insights: Navigating the Evolving API Protection Market and Taking Action
Securing your API ecosystem is increasingly complex, leaving organizations unsure where to begin. Gartner’s® 2024 Market Guide for API Protection offers clear guidance: “Start using API protection products to discover and categorize your organization’s APIs. Identify critical APIs that are…
Talos discovers Microsoft kernel mode driver vulnerabilities that could lead to SYSTEM privileges; Seven other critical issues disclosed
The most serious of the issues included in August’s Patch Tuesday is CVE-2024-38063, a remote code execution vulnerability in Windows TCP/IP. This article has been indexed from Cisco Talos Blog Read the original article: Talos discovers Microsoft kernel mode driver…
Law enforcement disrupts Radar/Dispossessor ransomware group
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Security Resources and Information from TechTarget Read the original article: Law enforcement disrupts Radar/Dispossessor ransomware group
A PoC exploit code is available for critical Ivanti vTM bug
Ivanti warned of a critical authentication bypass flaw in its Virtual Traffic Manager (vTM) appliances that can allow attackers to create rogue administrator accounts. Ivanti addressed a critical authentication bypass vulnerability, tracked as CVE-2024-7593 (CVSS score of 9.8), impacting Virtual…
National Public Data (unverified) – 133,957,569 breached accounts
In April 2024, a large trove of data made headlines as having exposed "3 billion people" due to a breach of the National Public Data background check service. The initial corpus of data released in the breach contained billions of…
Vulnerability Recap 8/12/24 – Old Vulnerabilities Unexpectedly Emerge
It’s been a startling week in vulnerability news, mainly due to a few older vulnerabilities coming to light. While it doesn’t look like they’ve been exploited yet, threat actors may make a move now that the flaws have been publicized.…
Ewon Cosy+ Industrial Devices Vulnerable to Serious Security Exploits
Recently, severe security flaws were identified in the Ewon Cosy+ industrial remote access devices, which could allow attackers to gain complete control over the systems. This vulnerability presents a serious risk, as it could lead to unauthorised access, allowing…