Security News > 2024 > June

As a Cyber Security Engineer, you will define and monitor security requirements for applications and infrastructures. As an Incident Response Analyst, you will investigate and respond to cybersecurity incidents, conduct threat hunting activities using various tools and techniques, prepare detailed incident reports and briefings for clients and internal stakeholders, collaborate with cross-functional teams to enhance security measures and protocols, and train junior staff and contribute to knowledge sharing within the team.

While 62% of organizations have begun their own zero trust journey, only 48% of US organizations have, raising a concern that Western entities know they have a problem but are unable to adopt zero trust, leaving them vulnerable to cyber threats. Cloud security incidents make organizations turn to AI-powered prevention.

Action1 researchers found an alarming increase in the total number of vulnerabilities across all enterprise software categories. "With the NVD's delay in associating Common Vulnerabilities and Exposures identifiers with CPE data, our report comes at a critical moment, providing much-needed insights into the evolving vulnerability landscape for enterprise software," said Mike Walters, President of Action1.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Microsoft has confirmed that Windows 10 apps will mistakenly display an "How do you want to open this file?" dialog box when attempting to right-click on the program's icon and perform a registered task. "Following installation of the Windows update released April 23, 2024and updates released after that, certain apps might display an"Open With" dialog box asking, 'How do you want to open this file?'," reads the status update.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

AMD is investigating whether it suffered a cyberattack after a threat actor put allegedly stolen data up for sale on a hacking forum, claiming it contains AMD employee information, financial documents, and confidential information. "We are aware of a cybercriminal organization claiming to be in possession of stolen AMD data," AMD told BleepingComputer in a statement.

A new phishing-as-a-service platform called ONNX Store is targeting Microsoft 365 accounts for employees at financial firms using QR codes in PDF attachments. Researchers at EclecticIQ who discovered the activity believe that ONNX is a rebranded version of the Caffeine phishing kit managed by the Arabic-speaking threat actor MRxC0DER. Mandiant discovered caffeine in October 2022, when the platform targeted Russian and Chinese platforms instead of Western services.

VMware has issued a security advisory addressing critical vulnerabilities in vCenter Server, including remote code execution and local privilege escalation flaws. VMware vCenter Server is a central management platform for VMware vSphere, enabling the management of virtual machines and ESXi hosts.