Global spending on information security is on track to reach nearly $212 billion next year, with a projected 15% increase from 2024. The majority of this spending is in security software, particularly in endpoint protection platforms.
Progress Software has alerted users to a critical vulnerability (CVE-2024-7591) in its LoadMaster ADC and load balancer solution. The flaw, with a CVSS score of 10, allows remote attackers to execute system commands without authentication.
The group, active since at least 2023, exclusively targets companies in these countries. They use modern techniques to gain initial access to systems, primarily through phishing emails with custom malware like PhantomDL and PhantomCore.
A critical vulnerability (CVE-2024-2169) in Webmin/Virtualmin control panels allows for launching DoS attacks. This flaw reveals IP addresses through the UDP service on port 10000, enabling attackers to create a loop of traffic between servers.
Now available in white, the Torso T-1 is a uniquely creative hardware sequencer which plays nicely with MIDI, Eurorack and DAWs. Greg Scarth finds out more. In recent years, there’s been a quiet rebirth of the old-school sequencer. Tying in with trends for modular gear, DAW-less setups and hardware live rigs, various brands have reimagined […]
The 2024 State of the vCISO Report continues Cynomi’s tradition of examining the growing popularity of virtual Chief Information Security Officer (vCISO) services. According to the independent survey, the demand for these services is increasing, with both providers and clients reaping the rewards. The upward trend is set to continue, with even faster growth expected […]
CVE-2024-20017 is a critical zero-click exploit found in popular Wi-Fi chipsets like MediaTek MT7622/MT7915. The vulnerability allows remote code execution without user interaction, posing a severe risk with a CVSS score of 9.8.
Cybersecurity researchers have discovered yet another critical security flaw in the LiteSpeed Cache plugin for WordPress that could allow unauthenticated users to take control of arbitrary accounts. The vulnerability, tracked as CVE-2024-44000 (CVSS score: 7.5), impacts versions before and including 6.4.1. It has been addressed in version 6.5.0.1. “The plugin suffers from an
A fake OnlyFans tool circulating among hackers promises to help steal accounts but actually infects them with the Lumma stealer malware, as discovered by Veriti Research.