Cybersecurity News

Active Mirai Botnet Variant Exploiting Zyxel Devices for DDoS Attacks

U.S. Cybersecurity Agency raises alarm over critical flaw in Zyxel gear! Active exploitation detected.

ift.tt

Urgent WordPress Update Fixes Critical Flaw in Jetpack Plugin on Million of Sites

⚠️ If you're using the Jetpack plugin, listen up! A critical flaw has been discovered, leaving your WordPress site vulnerable to attacks.

ift.tt

Managing third-party risks in the supply chain

Security executives who combine security culture, compliance and risk assessments can reduce the impact of security th…

ift.tt

Non-human identities: Secure them now, not later

Now is the time to secure non-human identities — access tokens, integrations and authentication tools — to prevent future cyberattacks.

ift.tt

How OffSec’s Web Application Security Course Helps Technical Team Members Become Better Developers,…

In this blog, learn about how OffSec’s web application security course helps team members become better developers, attackers, and defenders.

ift.tt

Yet Another Toyota Cloud Data Breach Jeopardizes Thousands of Customers

The newly found misconfigured cloud services are discovered just two weeks after an initial data breach affecting millions came to light.

ift.tt

Can Cloud Services Encourage Better Login Security? Netflix's Accidental Model

Netflix's unpopular password-sharing policy change had a positive cybersecurity silver lining. Can more B2C service prov…

ift.tt

MacOS 'Migraine' Bug: Big Headache for Device System Integrity

Microsoft says the vulnerability could allow cyberattackers with root access to bypass security protections and install malware.

ift.tt

What Apple's RSRs Reveal About Mac Patch Management

Apple's Rapid Security Response updates are designed to patch critical security vulnerabilities, but how much good can…

ift.tt

FTC orders Edmodo to stop using minor education data for advertising

Education technology provider Edmodo received an order from the FTC for collecting children's personal data without proper parental consent.

ift.tt

Ways to Help Cybersecurity's Essential Workers Avoid Burnout

To support and retain the people who protect assets against bad actors, organizations should create a more defensible environment.

ift.tt

52% of consumers confident in detecting deepfake videos

 According to a recent artificial intelligence (AI) and technology report, consumers appear to overestimate their ability to spot deepfakes.

ift.tt

Federal Transit Administration proposes changes to safety plan

The FTA has proposed updates to the National Public Safety Plan to create a blueprint for transit agencies to adopt stronger safety measures.

ift.tt

Investment May Be Down, but Cybersecurity Remains a Hot Sector

There's still a great deal of capital available for innovative companies helping businesses secure their IT environments.

ift.tt

AMA: Campus Safety Leader Edition — Todd Jones

In this AMA episode from Security magazine, Todd Jones, Director of Campus Safety at the Minneapolis College of Art and Design, talks campus security.

ift.tt

Checkmarx Announces GenAI-powered AppSec Platform, Empowering Developers and AppSec Teams to Find…

Powered by GPT-4, innovative new AI-driven capabilities lower application security (AppSec) risk and help security teams…

ift.tt

Cybercriminals Targeting Apache NiFi Instances for Cryptocurrency Mining

Unprotected Apache NiFi servers at risk! A financially motivated threat actor is hunting for prey, deploying crypto miners and infiltrating networks.

ift.tt

New eID Scheme Gives EU Citizens Easy Access to Public Services Online

The European Commission voted a new electronic identification scheme that creates new opportunities for EU citizens and businesses.

ift.tt

Mirai Variant Opens Tenda, Zyxel Gear to RCE, DDoS

Researchers have observed several cyberattacks leveraging a botnet called IZ1H9, which exploits vulnerabilities in exposed…

ift.tt

How security teams should respond to sophisticated ransomware attacks

As a constantly evolving form of malware, ransomware attacks only grow in sophistication and find new ways to steal business-critical data.

ift.tt

Focus Security Efforts on Choke Points, Not Visibility

By finding the places where attack paths converge, you can slash multiple exposures in one fix for more efficient remediation.

ift.tt

Critical Firmware Backdoor in Gigabyte Systems Exposes ~7 Million Devices

Gigabyte systems have been found with backdoor-like behavior, allowing unsecure Windows executable downloads via UEFI firmware.

ift.tt

Beware of Ghost Sites: Silent Threat Lurking in Your Salesforce Communities

Abandoned and unmonitored Salesforce Communities are vulnerable to cyber attacks, putting your sensitive data at risk.

ift.tt

Salesforce 'Ghost Sites' Expose Sensitive Corporate Data

Some companies have moved on from using Salesforce. But without remembering to fully deactivate their clouds, Salesforce won't move on from them.

ift.tt