Security News

10 tips for creating your security hackathon playbook
2024-02-08 06:00

In this article, I'd like to share some of my key insights and tips that could help your organization create or refine a security hackathon playbook. Hackathon events bring together product and security experts for the sole purpose of finding security vulnerabilities within a product.

Choosing the right partner when outsourcing cybersecurity
2024-02-08 05:30

Can you elaborate on the benefits and potential risks of outsourcing cybersecurity services? There are few real risks; outsourcing cybersecurity will mean handing over a certain amount of control.

Critical Patches Released for New Flaws in Cisco, Fortinet, VMware Products
2024-02-08 05:10

Cisco, Fortinet, and VMware have released security fixes for multiple security vulnerabilities, including critical weaknesses that could be exploited to perform arbitrary actions on affected...

SOAPHound: Open-source tool to collect Active Directory data via ADWS
2024-02-08 05:00

SOAPHound is an open-source data collection tool capable of enumerating Active Directory environments through the Active Directory Web Services protocol. SOAPHound is a substitute for various open-source security tools typically employed for extracting data from Active Directory via the LDAP protocol.

How threat actors abuse OAuth apps
2024-02-08 04:30

OAuth apps have become prominent in several attack groups' TTPs in recent years.

As-a-Service tools empower criminals with limited tech skills
2024-02-08 04:00

As-a-service attacks continue to dominate the threat landscape, with Malware-as-a-Service and Ransomware-as-a-Service tools making up the majority of malicious tools in use by attackers, according to Darktrace. As-a-Service tools can provide attackers with everything from pre-made malware to templates for phishing emails, payment processing systems and even helplines to enable criminals to mount attacks with limited technical knowledge.

Fortinet warns of new FortiSIEM RCE bugs in confusing disclosure
2024-02-08 00:55

Fortinet is warning of two new unpatched patch bypasses for a critical remote code execution vulnerability in FortiSIEM, Fortinet's SIEM solution. Fortinet added the two new vulnerabilities tracked as CVE-2024-23108 and CVE-2024-23109 to the original advisory for the CVE-2023-34992 flaw in a very confusing update.

IT suppliers hacked off with Uncle Sam's demands in aftermath of cyberattacks
2024-02-08 00:06

The Information Technology Industry Council, which represents a laundry list of heavy hitters, expressed dissatisfaction over the proposed reporting rules, describing them as adding "another hue of color to the kaleidoscope of incident reporting regimes" being passed by the US federal government of late. ITIC said the eight-hour reporting requirement was "unduly burdensome and inconsistent" with other reporting rules, adding that the 72-hour update period "does not reflect the shifting urgency throughout an incident response."

Volt Typhoon not the only Chinese crew lurking in US energy, critical networks
2024-02-07 22:50

Volt Typhoon isn't the only Chinese spying crew infiltrating computer networks in America's energy sector and other critical organizations with the aim of wrecking equipment and causing other headaches, the US government has said. Last week, the FBI said it obtained search warrants and issued a remote kill command to wipe Volt Typhoon's botnet after the gang infected hundreds of end-of-life routers with backdoor malware to break into critical infrastructure networks.

Facebook ads push new Ov3r_Stealer password-stealing malware
2024-02-07 21:24

A new password-stealing malware named Ov3r_Stealer is spreading through fake job advertisements on Facebook, aiming to steal account credentials and cryptocurrency. The fake job ads are for management positions and lead users to a Discord URL where a PowerShell script downloads the malware payload from a GitHub repository.