Rackspace ransomware attack was executed by using previously unknown security exploit
The MS Exchange exploit chain recently revealed by Crowdstrike researchers is how the Play ransomware gang breached the Rackspace Hosted Exchange email environment, the company confirmed last week. The exploit chains CVE-2022-41082, a RCE flaw, and C.....»»
Scan your iPhone for Pegasus spyware using a $1 app
A newly-released app lets you regularly scan your iPhone for Pegasus spyware – which can access almost all the data on a phone – for a one-off cost of just one dollar. A mobile security firm created the app, which allows you to scan your iPho.....»»
PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785)
Researchers have published a proof-of-concept (PoC) exploit for CVE-2024-8785, a critical remote code execution vulnerability affecting Progress WhatsUp Gold, a popular network monitoring solution for enterprises. CVE-2024-8785 and the PoC exploit CV.....»»
FBI suggests use of encrypted messaging apps while US faces huge cyberattack from China
The FBI and Cybersecurity and Infrastructure Security Agency say that Americans should use encrypted apps such as iMessage and FaceTime to be safe from foreign hackers.Image credit: Elchinator on PixabayIt's an about-face for the FBI, which has for y.....»»
Research reveals gender gaps in perceptions of economic security and social protections across countries
Gender gaps are known to persist in social and economic outcomes in most countries, but less well known is how women and men perceive their economic security and their benefits from social programs......»»
Team shows increase in food mass through photorespiratory bypass in elevated temperatures
A team from the University of Illinois has engineered potato to be more resilient to global warming, showing 30% increases in tuber mass under heat wave conditions. This adaptation may provide greater food security for families dependent on potatoes,.....»»
AttackIQ Flex 3.0 empowers security teams to take control of their detection strategies
AttackIQ announced AttackIQ Flex 3.0, agentless security control validation that integrates natively with Splunk to deliver a fully seamless user experience. A growing need for efficient and accurate threat detection As cyber threats grow more sophis.....»»
FortiAppSec Cloud simplifies web application security management
Fortinet announced FortiAppSec Cloud, a new cloud-delivered platform that integrates key web application security and performance management tools into a single offering. The platform streamlines web and API security, advanced bot defense, and global.....»»
42Gears SureAccess secures organizations from unauthorized access
42Gears launched SureAccess, a Zero Trust Network Access (ZTNA) solution. This solution reinforces the company’s commitment to enterprise security by ensuring that only authenticated users and verified devices can access corporate resources fro.....»»
Elastic expands cloud detection and response capabilities from a single SIEM
Elastic announced Elastic Security now offers expanded cloud detection and response (CDR) capabilities from a single SIEM to reduce tool fragmentation and streamline cloud security. The additional features include agentless ingestion, cloud asset inv.....»»
Security Bite: Threat actors are widely using AI to build Mac malware
9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art App.....»»
Securing AI’s new frontier: Visibility, governance, and mitigating compliance risks
In this Help Net Security interview, Niv Braun, CEO at Noma Security, discusses the difficulties security teams face due to the fragmented nature of AI processes, tools, and teams across the data and AI lifecycle. Braun also shares insights on how or.....»»
What a new threat report says about Mac malware in 2024
Apple's macOS has been under siege in 2024 as malware-as-a-service platforms and AI-driven threats make the year a turning point for Mac security.MacBook ProFor years, macOS had a reputation for being malware-resistant, but 2024 has painted a differe.....»»
N2WS platform enhancements improve restore time for enterprises and MSPs
N2WS has unveiled new enhancements to its cloud-native backup and disaster recovery (BDR) platform. These updates empower enterprises and managed service providers (MSPs) to address the growing threats of ransomware and other malicious attacks while.....»»
Whitepaper: 9 traits of effective cybersecurity leaders of tomorrow
The cyber world needs your expertise. But the security leaders of tomorrow require a broad set of skills that job experience alone does not arm you with. What do today’s organizations demand? And how can you acquire the technical and soft skills th.....»»
Give the gift of privacy and security online with Surfshark VPN"s winter sale
A virtual private network is a utility as necessary as a lock on your front door, so pick one up at a big discount from Surfshark VPN during its winter sale.Get Surfshark VPN at a discount during the winter sale - Image credit: SurfsharkThere are man.....»»
Push Security introduces verified stolen credentials detection capability
Push Security unveiled verified stolen credentials detection capability, a new feature designed to reshape how security teams combat identity threats. By analyzing threat intelligence (TI) on stolen credentials and comparing it against active credent.....»»
Phishers send corrupted documents to bypass email security
Phishers have come up with a new trick for bypassing email security systems: corrupted MS Office documents. The spam campaign Malware hunting service Any.Run has warned last week about email campaigns luring users with promises of payments, benefits.....»»
Sweet Security helps organizations protect their cloud environments
Sweet Security introduces unified Cloud Native Detection and Response platform, designed to transform the way organizations protect their cloud environments in real time. Sweet’s platform integrates the capabilities of Application Detection and Res.....»»
Thales Data Risk Intelligence identifies risks to sensitive data
Thales launched Data Risk Intelligence, an Imperva Data Security Fabric (DSF) solution that proactively addresses the risks to data wherever it resides. This is the first solution uniting the risk and threat identification capabilities of the Imperva.....»»
US government, energy sector contractor hit by ransomware
ENGlobal, a Texas-based engineering and automation contractor for companies in the energy sector, has had its data encrypted by attackers. “On November 25, 2024, ENGlobal Corporation (the “Company”) became aware of a cybersecurity incident......»»