Critical zero-day vulnerability in MOVEit Transfer exploited by attackers!
A critical zero-day vulnerability in Progress Software’s enterprise managed file transfer solution MOVEit Transfer is being exploited by attackers to grab corporate data. “[The vulnerability] could lead to escalated privileges and potenti.....»»
Researchers unveil novel attack methods targeting Intel’s conditional branch predictor
Researchers have found two novel types of attacks that target the conditional branch predictor found in high-end Intel processors, which could be exploited to compromise billions of processors currently in use. The multi-university and industry resea.....»»
UK enacts IoT cybersecurity law
The Product Security and Telecommunications Infrastructure (PSTI) Act has come into effect today, requiring manufacturers of consumer-grade IoT products sold in the UK to stop using guessable default passwords and have a vulnerability disclosure poli.....»»
DHS establishes AI Safety and Security Board to protect critical infrastructure
The Department of Homeland Security announced the establishment of the Artificial Intelligence Safety and Security Board (the Board). The Board will advise the Secretary, the critical infrastructure community, other private sector stakeholders, and t.....»»
Week in review: Two Cisco ASA zero-days exploited, MITRE breach, GISEC Global 2024
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359) A state-sponsored threat actor has managed to compromise Cis.....»»
How to connect to FTP servers in macOS using modern apps
File Transfer Protocol is an older networking protocol for transferring files to network servers. Here's how to use it on your Mac.Connecting to FTP in macOS's Finder.We previously covered the Terminal-based SCP protocol, which allows you to securely.....»»
Hackers try to exploit WordPress plugin vulnerability that’s as severe as it gets
WP Automatic plugin patched, but release notes don't mention the critical fix. Enlarge (credit: Getty Images) Hackers are assailing websites using a prominent WordPress plugin with millions of attempts to exploit a high-.....»»
How to Use Apple Managed Device Attestation to secure networks
Managed Device Attestation enables enterprises to verify Apple devices for security, protecting the corporate network. Here's how to use it.Apple Device Attestation.In our interconnected world, the issue of device identity plays a critical role in on.....»»
The Mars Sample Return mission has a shaky future, and NASA is calling on private companies for backup
A critical NASA mission in the search for life beyond Earth, Mars Sample Return, is in trouble. Its budget has ballooned from US$5 billion to over $11 billion, and the sample return date may slip from the end of this decade to 2040......»»
Edgio Client-Side Protection enables organizations to secure critical customer data
Edgio released its Client-Side Protection solution. Designed to monitor scripts and APIs on the browser-side to prevent malicious code from exfiltrating sensitive customer data, Edgio Client-Side Protection allows teams to gain full visibility on cli.....»»
Congo accuses Apple of using illegal conflict minerals in its supply chain
The Democratic Republic of Congo is accusing Apple of using illegally exploited minerals sourced in the eastern regions, involving violence, child labor and other human rights violations. This allegation disagrees with Apple’s published Conflic.....»»
Fireblocks expands DeFi suite with threat detection features
Fireblocks introduced new security features to its DeFi suite: dApp Protection and Transaction Simulation. As the DeFi sector experiences unprecedented growth, the need for proactive security measures has never been more critical. With attackers taki.....»»
56% of cyber insurance claims originate in the email inbox
56% of all 2023 claims were a result of funds transfer fraud (FTF) or business email compromise (BEC), highlighting the importance of email security as a critical aspect of cyber risk management, according to Coalition. The 2024 Cyber Claims Report i.....»»
73% of SME security pros missed or ignored critical alerts
Small and medium-sized enterprises (SMEs) IT staff is overwhelmed by the complexity and demands of managing multiple tools in their security stack, leading them to miss critical severity events and weaken their company’s security posture, according.....»»
Mechanism of grafting Prunus sp. to control crown gall disease by regulating the rhizosphere environment
Grafting is a traditional and significant strategy to suppress soil-borne diseases, such as the crown gall disease caused by tumorigenic Agrobacterium and Rhizobium. Root exudates and the rhizosphere microbiome play critical roles in controlling crow.....»»
Laser technology offers breakthrough in detecting illegal ivory
A new way of quickly distinguishing between illegal elephant ivory and legal mammoth tusk ivory could prove critical to fighting the illegal ivory trade. A laser-based approach developed by scientists at the Universities of Bristol and Lancaster, cou.....»»
Hackers are using developing countries for ransomware practice
Businesses in Africa, Asia, and South America hit before moving on to Western targets. Enlarge (credit: Getty Images) Cyber attackers are experimenting with their latest ransomware on businesses in Africa, Asia, and Sout.....»»
Researchers unveil PI3K enzyme"s dual accelerator and brake mechanisms
A group of researchers have expanded conventional knowledge on a critical enzyme that controls cell migration. In a publication in the journal Nature Communications, they reported that phosphoinositide 3-kinase (PI3K) not only acts as an accelerator.....»»
Hackers are carrying out ransomware experiments in developing countries
Businesses in Africa, Asia, and South America hit before moving on to western targets. Enlarge (credit: Getty Images) Cyber attackers are experimenting with their latest ransomware on businesses in Africa, Asia and South.....»»
Secureworks enables users to view known vulnerabilities in the context of threat data
Secureworks announced the ability to integrate vulnerability risk context with threat detection to prevent attackers from exploiting known vulnerabilities and expedite response times, improving an organization’s security posture. The integration be.....»»
Global attacker median dwell time continues to fall
While the use of zero-day exploits is on the rise, Mandiant’s M-Trends 2024 report reveals a significant improvement in global cybersecurity posture: the global median dwell time – the time attackers remain undetected within a target environm.....»»