A never-before-seen botnet called Goldoon has been observed targeting D-Link routers with a nearly decade-old critical security flaw with the goal of using the compromised devices for further attacks. The vulnerability in question is CVE-2015-2051 (CVSS score: 9.8), which affects D-Link DIR-645 routers and allows remote attackers to execute…
Category: EN
Dropbox Discloses Breach of Digital Signature Service Affecting All Users
Cloud storage services provider Dropbox on Wednesday disclosed that Dropbox Sign (formerly HelloSign) was breached by unidentified threat actors, who accessed emails, usernames, and general account settings associated with all users of the digital signature product. The company, in a filing with the U.S.…
When is One Vulnerability Scanner Not Enough?
Like antivirus software, vulnerability scans rely on a database of known weaknesses. That’s why websites like VirusTotal exist, to give cyber practitioners a chance to see whether a malware sample is detected by multiple virus scanning engines, but this concept hasn’t existed in…
Cyber Startup Oasis Secures $35 Million Series A Extension, Doubles Valuation
The extension round was led by existing investors Accel, Cyberstarts, and Sequoia Capital, along with private investors. Oasis has now raised a total of $75 million, including its seed round and previous Series A. This article has been indexed from…
AI is Creating a New Generation of Cyberattacks
Most businesses see offensive AI fast becoming a standard tool for cybercriminals, with 93% of security leaders expecting to face daily AI-driven attacks, according to Netacea. This article has been indexed from Cyware News – Latest Cyber News Read the…
CalypsoAI introduces customizable generative AI security scanners for enterprises
CalypsoAI introduced two AI security solutions to the CalypsoAI SaaS platform: next gen security scanners and enhanced security functionalities for chat platforms such as Slack and Microsoft Teams. These new capabilities are designed to empower enterprises with control and efficiency…
Nord Security unveils NordStellar, a platform for advanced cyber threat detection and response
Nord Security introduces NordStellar, a next-generation threat exposure management platform. Created by developers of VPN solution NordVPN, the enterprise cyber threat exposure management platform helps businesses detect and respond to cyber threats, secure data access, safeguard accounts, prevent fraud, and…
REvil Ransomware Affiliate Sentenced to Over 13 Years in Prison
A US court has sentenced a Ukrainian national to 13 years and seven months in prison for his role in over 2500 ransomware attacks using the REvil strain This article has been indexed from www.infosecurity-magazine.com Read the original article: REvil…
Cybersecurity: The Battle of Wits
With cybersecurity, the digital battlegrounds stretch across the vast expanse of the internet. On the one side, we have increasingly sophisticated and cunning adversaries. On the other, skilled cybersecurity practitioners who are desperate to protect their companies’ assets at all…
Tripwire Patch Priority Index for April 2024
Tripwire’s April 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. Firsts on the list are patches for Microsoft Edge (Chromium-based) and Chromium that resolve 2 spoofing vulnerabilities. Next on the patch priority list this month is a…
US Warns of Russian Hackers Targeting Operational Technology in Water Systems
The alert says that water operators are employing poor security standards that have allowed the hackers to breach their networks, including the use of default passwords that are included when the water system management tools are first installed. This article…
Veracode platform enhancements help organizations reduce application risk
Veracode announced platform innovations that set a new standard for developer-powered application security. New repo risk visibility and analysis from Longbow Security, powered by Veracode, speeds up remediation of application risk from code repositories to runtime images. The solution launches…
Illumio and Wiz’s integration enhances cyber resilience in the cloud
Illumio has partnered with Wiz and joins Wiz Integrations (WIN) Platform. Illumio enhances WIN by bringing the power of Illumio’s Zero Trust Segmentation platform to the partner ecosystem, so that customers can seamlessly integrate Wiz into their existing Illumio workflows.…
Anthropic Launches Enterprise-Focused Claude, Plus iPhone App
Two updates to Anthropic’s AI chatbot Claude sees arrival of a new business-focused plan, as well as an iOS app This article has been indexed from Silicon UK Read the original article: Anthropic Launches Enterprise-Focused Claude, Plus iPhone App
Threat Actors Attacking MS-SQL Servers to Deploy Ransomware
Cybersecurity experts have uncovered a series of sophisticated cyberattacks targeting poorly managed Microsoft SQL (MS-SQL) servers. The attackers, identified as the TargetCompany ransomware group, have been deploying the Mallox ransomware in a bid to encrypt systems and extort victims. This…
Understanding Microsoft’s Trusted Signing service
How do we ensure that the code we’re installing is, at the very least, the code that a vendor shipped? The generally accepted solution is code signing, adding a digital signature to binaries that can be used to ensure authorship.…
IAM and Passkeys: 4 Steps Towards a Passwordless Future
IAM and Passkeys: 4 Steps Towards a Passwordless Future madhav Thu, 05/02/2024 – 05:07 < div> In the ever-evolving landscape of cybersecurity, Identity and Access Management (IAM) remains a vital link in the cybersecurity chain. However, with World Password Day…
Venafi launches 90-Day TLS Readiness Solution
Venafi launched its new 90-Day TLS Readiness Solution to help organizations comply with Google’s proposed 90-day TLS certificate standard, improving security posture while reducing the risk of certificate-related interruptions. According to a Venafi study, 83% of organizations have been hit…
Deep Instinct DIANNA provides malware analysis for unknown threats
Deep Instinct announced the launch of Deep Instinct’s Artificial Neural Network Assistant (DIANNA), an AI-based cybersecurity companion that provides explainability into unknown threats. DIANNA enhances Deep Instinct’s prevention-first approach to cybersecurity through its expert-grade static malware analysis, something no other…
Skyhawk Security unveils cloud-native CTEM, streamlining security with AI-powered automation
Skyhawk Security has unveiled its cloud native Continuous Threat Exposure Management (CTEM) solution. The agentless approach empowers organizations to automate their CTEM program for the first time and operationalize it through Skyhawk’s existing AI-based Synthesis Security Platform. The sophistication and…