Messaging Service Wiretap Discovered through Expired TLS Cert
2023-10-27 11:01

The suspected man-in-the-middle attack was identified when the administrator of jabber.ru, the largest Russian XMPP service, received a notification that one of the servers' certificates had expired.

How to Keep Your Business Running in a Contested Environment
2023-10-27 10:56

When organizations start incorporating cybersecurity regulations and cyber incident reporting requirements into their security protocols, it's essential for them to establish comprehensive plans...

Google Expands Its Bug Bounty Program to Tackle Artificial Intelligence Threats
2023-10-27 10:54

Google has announced that it's expanding its Vulnerability Rewards Program (VRP) to reward researchers for finding attack scenarios tailored to generative artificial intelligence (AI) systems in...

King Charles III signs off on UK Online Safety Act, with unenforceable spying clause
2023-10-27 09:51

With the assent of King Charles, the United Kingdom's Online Safety Act has become law, one that the British government says will "make the UK the safest place in the world to be online." The Online Safety Act, which began in April 2019 as the Online Harms White Paper when Theresa May served as Prime Minister and was passed by Parliament in September, aims to tame the internet.

Apple news: iLeakage attack, MAC address leakage bug
2023-10-27 09:17

On Wednesday, Apple released security updates for all supported branches of iOS and iPadOS, macOS, tvOS, watchOS and Safari. Another vulnerability of note fixed this Wednesday with the release of iOS 17.1 and iPadOS 17.1, iOS 16.7.2 and iPadOS 16.7.2, tvOS 17.1 and watchOS 10.1 is CVE-2023-42846, a bug that made a privacy-enhancing feature not work as intended.

Raven: Open-source CI/CD pipeline security scanner
2023-10-27 05:30

Raven is an open-source CI/CD pipeline security scanner that makes hidden risks visible by connecting the dots across vulnerabilities woven throughout the pipeline that, when viewed collectively, reveal a much greater risk than when assessed as one-off CVEs. Raven boosts the ability of security teams to implement secure software development practices, enabling them to work more strategically with DevOps teams while maturing their organization's ASPM capabilities.

IoT security threats highlight the need for zero trust principles
2023-10-27 04:30

ThreatLabz focused on understanding IoT device activity and attributes via device fingerprinting and analyzing the IoT malware threat landscape. By adopting a zero trust architecture, organizations can gain visibility into IoT device traffic and minimize IoT security risks.

F5 Issues Warning: BIG-IP Vulnerability Allows Remote Code Execution
2023-10-27 04:23

F5 has alerted customers of a critical security vulnerability impacting BIG-IP that could result in unauthenticated remote code execution. The issue, rooted in the configuration utility component,...

SMBs at risk as AI misconceptions lead to overconfidence
2023-10-27 04:00

Despite advancements in IT security measures, SMBs remain firmly in the crosshairs of cybercriminals, according to Devolutions. Devolutions CEO David Hervieux states, "The results from our survey dovetail nicely with October's National Cybersecurity Awareness Month - as one of our primary goals with this report is to expand awareness of the vulnerabilities that many SMBs face. It's not just about presenting stats but about truly educating the industry on the various pitfalls - and how SMBs can use the survey findings to identify gaps, develop strategies, and make informed decisions regarding their cybersecurity posture."

AI strengthens banking’s defense against fraud
2023-10-27 03:30

63% of respondents indicated that they are comfortable with AI helping their bank detect fraud. Almost half of respondents abandoned a new bank account application after starting because it didn't feel secure or was too cumbersome.