Gaping Security Holes Flagged in Exim Mail Server:
Researchers at Qualys have discovered multiple gaping security holes in Exim, a widely deployed mail server that has been targeted in the past by advanced nation state-based threat actors.
Read More
High-Severity Dell Driver Vulnerabilities Impact Hundreds of Millions of Devices:
Dell patches high-severity vulnerabilities affecting a driver that is present on hundreds of millions of devices.
Read More
New Variant of Buer Malware Loader Written in Rust to Evade Detection:
A new variant of the Buer malware loader written in Rust has been detected, which could help the threat evade anti-malware detections that are based on features of the malware written in C.
Read More
Trend Micro Unveils New OT Endpoint Security Solution Made by TXOne:
Trend Micro announces a new endpoint security solution developed by TXOne Networks for operational technology (OT) environments.
Read More
Acronis Raises $250 Million at $2.5 Billion Valuation:
Cyber protection solutions provider Acronis has raised another $250 million at a valuation of $2.5 billion.
Read More
ATT&CK v9 Introduces Containers, Google Workspace:
Version 9 of the ATT&CK framework introduces techniques related to containers and Google Workspace, as well as other changes.
Read More
Apple Warns of New Zero-Day Attacks on iOS, macOS:
Apple’s problems with zero-day attacks continued this week with news of another mysterious in-the-wild compromise on iPhones and macOS devices.
Read More
Alaska Court System Briefly Forced Offline Amid Cyber Threat:
The Alaska Court System has temporarily disconnected most of its operations from the internet after a cybersecurity threat on Saturday, including its website and removing the ability to look up court records.
Read More
Pulse Secure Ships Belated Fix for VPN Zero-Day:
The embattled VPN vendor provides cover for CVE-2021-22893, a major security flaw being exploited by advanced threat actors.
Read More
Cybersecurity M&A Roundup: 31 Deals Announced in April 2021:
Tens of cybersecurity mergers and acquisitions were announced in April 2021, including by Atos, Mastercard, Rapid7, Thoma Bravo and Accenture.
Read More
Tesla Car Hacked Remotely From Drone via Zero-Click Exploit:
Researchers show how Tesla cars could have been hacked remotely, from a drone, without any user interaction.
Read More
NSA Issues Guidance on Securing IT-OT Connectivity:
The NSA has released a cybersecurity advisory focusing on the security of operational technology (OT) systems, particularly connectivity to IT systems.
Read More
Effort to Protect Consumer Data Privacy Stalls in Florida:
A campaign by Gov. Ron DeSantis to help Floridians regain ownership of the troves of data that companies collect came to a halt, when state lawmakers could not agree on how tightly to limit how Big Data harvests and uses people’s information.
Read More
Unknown Chinese APT Targets Russian Defense Sector:
Researchers at Cybereason say they have discovered an undocumented malware targeting the Russian military sector.
Read More
Task Force Calls for Aggressive US 'Anti-Ransomware' Campaign:
A task force from the Institute for Security and Technology recommends a comprehensive framework for preparing for, disrupting, and responding to ransomware attacks.
Read More
Contract Tracing Breach Impacts Private Info of 72K People:
Employees of a vendor paid to conduct COVID-19 contact tracing in Pennsylvania may have compromised the private information of at least 72,000 people, including their exposure status and their sexual orientation.
Read More
Security Operations and Management Startup StrikeReady Emerges From Stealth:
The company’s platform is designed to help security teams quickly respond to incidents and defend against threats.
Read More
SonicWall Zero-Day Exploited by Ransomware Group Before It Was Patched:
Over the past half a year, the advanced threat actor was observed using multiple malware families and aggressively pressuring victims into paying the ransom.
Read More
|