Security News > 2024
Ivanti has released security updates to address a critical flaw impacting its Endpoint Manager (EPM) solution that, if successfully exploited, could result in remote code execution (RCE) on...
Russia's Sandworm crew appear to have been responsible for knocking out mobile and internet services to about 24 million users in Ukraine last month with an attack on telco giant Kyivstar. The telco did not immediately respond to The Register's inquiries, but a Kyivstar spokesperson said it was working with the SBU to investigate the attack, and added that "No facts of leakage of personal and subscriber data have been revealed."
Ukrainian cybersecurity authorities have disclosed that the Russian state-sponsored threat actor known as Sandworm was inside telecom operator Kyivstar's systems at least since May 2023. The...
This article aims to provide a quick summary of some of the latest trends, announcements, and changes associated with IT patch operations while looking at the upcoming Patch Tuesday and what software updates to expect. December 2023 Patch Tuesday provided the smallest set of updates in recent memory.
A new variant of remote access trojan called Bandook has been observed being propagated via phishing attacks with an aim to infiltrate Windows machines, underscoring the continuous evolution of...
In this Help Net Security video, Bassam Al-Khalidi, co-CEO of Axiad, discusses the results of Axiad's recent State of Authentication Survey. 39% indicated phishing is the most feared cyberattack, while 49% said it is the attack most likely to happen.
Cybercriminals turn to ready-made bots for quick attacks. Bots and human fraud farms were responsible for billions of attacks in the H1 of 2023 and into Q3, according to Arkose Labs.
60% of IT decision-makers agreed that budget cuts have negatively impacted their mental health and wellbeing, according to Integrity360. To add to that, 55% noted that the current economic climate has reduced access to mental health and wellbeing resources within their organization.
Ivanti fixed a critical remote code execution vulnerability in its Endpoint Management software that can let unauthenticated attackers hijack enrolled devices or the core server. Ivanti EPM helps manage client devices running a wide range of platforms, from Windows and macOS to Chrome OS and IoT operating systems.
Miscreants took over security giant Mandiant's Twitter account for several hours on Wednesday in an attempt to steal cryptocurrency, then trolled the Google-owned security shop, telling its admins to change the password. "We are aware of the incident that impacted the Mandiant X account and are conducting a thorough investigation," a spokesperson told The Register.