Cisco has rolled out security updates to address a critical flaw reported in the ClamAV open source antivirus engine that could lead to remote code execution on susceptible devices. Tracked as CVE-2023-20032 (CVSS score: 9.8), the issue relates to a case of…
New Mirai Botnet Variant ‘V3G4’ Exploiting 13 Flaws to Target Linux and IoT Devices
A new variant of the notorious Mirai botnet has been found leveraging several security vulnerabilities to propagate itself to Linux and IoT devices. Observed during the second half of 2022, the new version has been dubbed V3G4 by Palo Alto Networks Unit…
Cisco fixed critical RCE bug in ClamAV Open-Source Antivirus engine
Cisco addressed a critical vulnerability in the ClamAV open source antivirus engine that can lead to remote code execution on vulnerable devices. Cisco fixed a critical flaw, tracked as CVE-2023-20032 (CVSS score: 9.8), in the ClamAV open source antivirus engine. The…
Analysis: White House Cybersecurity Policy Maker – Secure Open Source Software Even If It Benefits ‘Adversaries’ We Should Do It Anyway
By Joe Fay Resiliency is the endgame of the U.S. approach to internet and software security. The U.S. has a vested interest in creating a secure and resilient internet and software ecosystem, even if it means its “adversaries” also benefit,…
YouTube CEO Susan Wojcicki Steps Down
One of the first Google employees, YouTube’s CEO Susan Wojcicki, has confirmed she is stepping down after 25 years This article has been indexed from Silicon UK Read the original article: YouTube CEO Susan Wojcicki Steps Down
EU lawmakers advise against signing US data pact
Committee: Something about complaints process being dealt with in total secrecy doesn’t sit right Lawmakers in the European Parliament have urged the European Commission not to issue the “adequacy decision” needed for the EU-US Data Privacy Framework (DPF) to officially…
Want your endpoint security product in the Microsoft Consumer Antivirus Providers for Windows?
Weekly Update 335
Presently sponsored by: Kolide ensures only secure devices can access your cloud apps. It’s Device Trust tailor-made for Okta. Book a demo today. No cyber. It's literally a "cyber-free" week, as least far as the term relates to security things.…
ESET’s threat intelligence services extend an organizations’ security intelligence
ESET has launched its threat intelligence services, designed to extend an organizations’ security intelligence. These new commercially available reports provide deeper insights and actionable guidance from ESET’s renowned global research teams about specific threat vectors and attack sources. Now corporations…
XIoT vendors get serious about security, devote resources to protect cyber-physical systems
Cyber-physical system vulnerabilities disclosed in the second half (2H) of 2022 have declined by 14% since hitting a peak during 2H 2021, while vulnerabilities found by internal research and product security teams have increased by 80% over the same time…
How hackers can cause physical damage to bridges
In this Help Net Security video, Daniel Dos Santos, Head of Security Research at Forescout, talks about recent research, which has revealed how attackers can move laterally between vulnerable networks and devices found at the controller level of critical infrastructure.…
Navigating the ever-changing landscape of digital security solutions
Recently, Entrust named Bhagwat Swaroop as President, Digital Security Solutions. In this role, Bhagwat will lead the evolution, growth, and expansion of the Entrust Digital Security portfolio, which includes solutions for data encryption, public and private certificate authorities, identity and…
New infosec products of the week: February 17, 2023
Here’s a look at the most interesting products from the past week, featuring releases from CyberSaint, DigiCert, Finite State, FireMon, and Veeam Software. CyberSaint Executive Dashboard empowers CISOs to take control of cyber risk communication The Executive Dashboard is the…
10 Best Free SSL Checker Tools
SSL Checker helps you in troubleshooting common SSL issues and SSL endpoint vulnerabilities. With the free SSL certificate checker tool, just you need to submit the domain name or IP address along with the port number to analyze the configuration…
Apocalypse with Artificial Intelligence is near with Microsoft AI powered ChatGPT
Yes, what you’ve read is right! Within a few years, the technology of Artificial Intelligence(AI) could bring-in the doomsday and kill the entire humanity. And these are not the words analyzed by either Twitter chief Elon Musk or Apple CEO…
Critical RCE Vulnerability Discovered in ClamAV Open-Source Antivirus Software
Cisco has rolled out security updates to address a critical flaw reported in the ClamAV open source antivirus engine that could lead to remote code execution on susceptible devices. Tracked as CVE-2023-20032 (CVSS score: 9.8), the issue relates to a case of…
Antivirus apps are there to protect you – Cisco’s ClamAV has a heckuva flaw
Switchzilla hardware and software need attention, unless you fancy arbitrary remote code execution Antivirus software is supposed to be an important part of an organization’s defense against the endless tide of malware.… This article has been indexed from The Register…
CISA adds Cacti, Office, Windows and iOS bugs to its Known Exploited Vulnerabilities Catalog
US CISA added actively exploited flaws in Cacti framework, Microsoft Office, Windows, and iOS to its Known Exploited Vulnerabilities Catalog. US CISA added the following actively exploited flaws to its Known Exploited Vulnerabilities Catalog: CVE-2022-46169 – Cacti is an open-source platform that…
Norway finds a way to recover crypto North Korea pinched in Axie heist
Meanwhile South Korea’s Do Kwon is sought for fraud by US authorities Norwegian authorities announced on Thursday that they had recovered $5.9 million of cryptocurrency stolen in the Axie Infinity hack – an incident widely held to have been perpetrated…
How to protect your car dealership from cyber-attacks
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. Recent trends show that car dealerships are becoming…
The top 8 Cybersecurity threats facing the automotive industry heading into 2023
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. Most, if not all, industries are evolving on…
PREDICTIONS 2023, PART 2: WHAT WILL THE NEW YEAR BRING FOR THE INFOSEC COMMUNITY?
By Diana-Lynn Contesti, CISSP-ISSAP, ISSMP, CSSLP, SSCP In part one of this series, we discussed what lies ahead in 2023, including a rise in wiperware and ransomware attacks plus challenges with OT infrastructure and staffing shortages. In our part two…
Dynatrace AppEngine enables teams to create custom, data-driven apps
Dynatrace AppEngine platform technology empowers customers and partners with an easy-to-use, low-code approach to create custom, compliant, and intelligent data-driven apps for their IT, development, security, and business teams. These custom apps can address boundless BizDevSecOps use cases and unlock…
IGEL COSMOS platform secures cloud workspaces
IGEL has announced IGEL COSMOS, a unified platform to securely manage and automate the delivery of digital workspaces, from any cloud. Offering a modular architecture, granular endpoint control and end-user freedom, COSMOS is designed to enable organizations to garner the…
ESET’s threat intelligence services provide organisation with guidance on potential risks
ESET has launched its threat intelligence services, designed to extend an organizations’ security intelligence. These new commercially available reports provide deeper insights and actionable guidance from ESET’s renowned global research teams about specific threat vectors and attack sources. Now corporations…
Rhymetec releases two compliance security offerings
Rhymetec has launched two new service offerings for SaaS companies: PCI Compliance Scanning and Phishing Testing & Training. Both offerings will assist B2B organizations in staying secure and compliant while they continue to grow and innovate. Staying on top of…
OneSpan Notary accelerates digital transformation for notarization
OneSpan announced the launch of OneSpan Notary, a next-generation, all-in-one, cloud-connected solution that enables organizations to transform the way notaries and customers complete agreements and notarize documents in a secure and trusted environment. OneSpan Notary was co-designed in collaboration with…