Security News > 2024 > March
VMware released security updates to fix critical sandbox escape vulnerabilities in VMware ESXi, Workstation, Fusion, and Cloud Foundation products, allowing attackers to escape virtual machines and access the host operating system.These types of flaws are critical as they could permit attackers to gain unauthorized access to the host system where a hypervisor is installed or access other virtual machines running on the same host, breaching their isolation.
The threat actors behind the BlackCat ransomware have shut down their darknet website and likely pulled an exit scam after uploading a bogus law enforcement seizure banner. "ALPHV/BlackCat did not...
Norton Secure VPN is a fast-performing VPN solution from popular security provider Norton. In this article, we walk you through how to set up and use Norton Secure VPN. We also answer some frequently asked questions about Norton Secure VPN and its features.
Outsourcing giant Capita today reported a net loss of £106.6 million for calendar 2023, with the costly cyberattack by criminals making a hefty dent in its annual financials.As a result, newly minted Capita CEO Adolfo Hernandez announced further cost cuts for the coming year that aim to save the business an additional £100 million by mid-2025.
Hackers are targeting misconfigured servers running Apache Hadoop YARN, Docker, Confluence, or Redis with new Golang-based malware that automates the discovery and compromise of the hosts. According to the researchers, the hackers deploy a set of four novel Golang payloads that are responsible for identifying and exploiting hosts running services for Hadoop YARN, Docker, Confluence, and Redis.
The Washington Post is reporting on the FBI's increasing use of push notification data-"Push tokens"-to identify people. The police can request this data from companies like Apple and Google without a warrant.
An in-depth look into a proactive website security solution that continuously detects, prioritizes, and validates web threats, helping to mitigate security, privacy, and compliance risks. ...
Every Google Workspace administrator knows how quickly Google Drive becomes a messy sprawl of loosely shared confidential information. This isn't anyone's fault; it’s inevitable as your...
Apple has fixed two iOS zero-day vulnerabilities exploited by attackers in the wild. "Additional CVE entries [are] coming soon," Apple noted for both updates.
SEMI, an industry association representing 3,000 chip vendors, would really appreciate it if the European Union would back off plans to impose export controls on China, arguing that they should only be used as a "Last resort" to protect national security. Restrictions on the export of chip tech have become a potent instrument in US efforts to stifle China's domestic semiconductor industry.