Security News > 2023 > December
Apiiro: Deep ASPM. Apiiro goes beyond the basics, using native code-to-runtime context to unify risk visibility, assessment, prioritization, and governance across applications and software supply chains. Open platform with native AppSec and SSCS. In addition to built-in integrations with third-party security tools, Apiiro also provides native application and software supply chain security solutions.
Japanese car maker Nissan is investigating a cyberattack that targeted its systems in Australia and New Zealand, which may have let hackers access personal information. Details of the attack have not been published but the company informed customers of its Nissan Oceania division of a potential data breach, warning them that there is a risk of scams in the upcoming days.
Threat actors can take advantage of Amazon Web Services Security Token Service (AWS STS) as a way to infiltrate cloud accounts and conduct follow-on attacks. The service enables threat actors to...
Microsoft will not abandon Windows 10 users to an insecure fate once it reaches end of support on October 14, 2025: both enterprises and individual consumers will be able receive Extended Security Updates, but will have to pay for them. "The ESU program enables PCs to continue to receive critical and important security updates through an annual subscription service after support ends. To be eligible to install updates from the ESU program, devices must be running Windows 10, version 22H2," Microsoft says.
Compromising the browser is a high-return target for adversaries. Browser extensions, which are small software modules that are added to the browser and can enhance browsing experiences, have...
A collection of 21 security flaws have been discovered in Sierra Wireless AirLink cellular routers and open-source software components like TinyXML and OpenNDS. Collectively tracked as Sierra:21,...
Why we need the confidence to deploy secure, compliant AI-powered applications and workloads Sponsored Feature Every organisation must prioritise the protection of mission critical data,...
In an increasingly complex and fast-paced digital landscape, organizations strive to protect themselves from various security threats. However, limited resources often hinder security teams when...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned of active exploitation of a high-severity Adobe ColdFusion vulnerability by unidentified threat actors to gain initial...
Forescout detailed the discovery of 21 new vulnerabilities in OT/IoT routers and open-source software elements. The "SIERRA:21 - Living on the Edge" report features research into Sierra Wireless AirLink cellular routers and some open-source components, such as TinyXML and OpenNDS. Sierra Wireless routers are popular - an open database of Wi-Fi networks shows 245,000 networks worldwide running Sierra Wireless for various applications.