Security News > 2024 > June

If you're self-hosting an Atlassian Confluence Server or Data Center installation, you should upgrade to the latest available version to fix a high-severity RCE flaw for which a PoC and technical details are already public. Confluence Server and Data Center are software solutions that are widely used in enterprise settings to manage knowledge bases, documentation, and standardize collaboration.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

The North Korea-linked threat actor known as Andariel has been observed using a new Golang-based backdoor called Dora RAT in its attacks targeting educational institutes, manufacturing firms, and...

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

NethSecurity is a free, open-source Linux firewall that simplifies network security deployment. It integrates various security features into one platform, including firewalling, intrusion detection and prevention, antivirus, multi-WAN, DNS, and content filtering.

As organizations pursue digital transformation, they urgently need to prioritize digital trust to achieve their goals and prepare for future market opportunities, legislation, and regulatory compliance, according to ISACA. The ISACA State of Digital Trust 2024 report finds that 77% of respondents agree that digital trust is crucial to digital transformation and 82% say digital trust will grow in importance over the next five years. Despite this recognition, almost 71% report that their organization provides no staff training on digital trust and only 21% of organizations plan to increase their budget for digital trust.

Fake web browser updates are being used to deliver remote access trojans (RATs) and information stealer malware such as BitRAT and Lumma Stealer (aka LummaC2). "Fake browser updates have been...

Despite AI's potential, only 14% of organizations are ready to implement and utilize these technologies. While AI offers significant advantages, the focus must shift to essential, foundational actions to realize its full potential, emphasizing both technical and soft skills development across all organizational levels.

Polaris Assist combines Large Language Model technology with Synopsys' application security knowledge and intelligence - including coding patterns, vulnerability detection rules, and Black Duck's vast open source knowledge base - to provide security and development teams with easy-to-understand summaries of detected vulnerabilities, AI-generated code fix recommendations, and other insights to help them build more secure software faster. Splunk announced Splunk Asset and Risk Intelligence, a solution designed to power the SOC of the future by helping businesses streamline compliance, reduce cyber risk and eliminate the sources of shadow IT. It allows security operations teams to map relationships between assets and identities to expedite investigations, enabling rich asset and identity context for faster security incident response.

AI platform Hugging Face says that its Spaces platform was breached, allowing hackers to access authentication secrets for its members. Hugging Face Spaces is a repository of AI apps created and submitted by the community's users, allowing other members to demo them.