A SonicWall SMA 100 series vulnerability patched in 2021, which went unnoticed at the time of patching, is being exploited in the wild. The post SonicWall Flags Old Vulnerability as Actively Exploited appeared first on SecurityWeek.
Windows versions of the BrickStorm backdoor that the Chinese APT used in the MITRE hack last year have been active for years. The post MITRE Hackers’ Backdoor Has Targeted Windows for Years appeared first on SecurityWeek.
Chris Krebs has resigned from SentinelOne after security clearance withdrawn and an order to review CISA’s conduct under his leadership. The post Krebs Exits SentinelOne After Security Clearance Pulled appeared first on SecurityWeek.
The vulnerabilities are described as code execution and mitigation bypass issues that affect Apple’s iOS, iPadOS and macOS platforms. The post Apple Quashes Two Zero-Days With iOS, MacOS Patches appeared first on SecurityWeek.
The US government’s cybersecurity agency CISA has “executed the option period on the contract” to keep the vulnerability catalog operational. The post MITRE CVE Program Gets Last-Hour Funding Reprieve appeared first on SecurityWeek.
Top-ranked mobile apps found using hardcoded keys and exposed cloud buckets. The post Many Mobile Apps Fail Basic Security—Posing Serious Risks to Enterprises appeared first on SecurityWeek.
Shield Capital leads a $9 million seed-stage funding round for Israeli startup building technologies for AI security and privacy guardrails. The post Pillar Security Banks $9M for AI Security Guardrails appeared first on SecurityWeek.
The Rhysida ransomware gang claims to have stolen 2.5 Tb of files from the Oregon Department of Environmental Quality. The post Ransomware Group Claims Hacking of Oregon Regulator After Data Breach Denial appeared first on SecurityWeek.
In recent attacks, the state-sponsored backdoor BPFDoor is using a controller to open a reverse shell and move laterally. The post Enhanced Version of ‘BPFDoor’ Linux Backdoor Seen in the Wild appeared first on SecurityWeek.
A critical vulnerability in Apache Roller could be used to maintain persistent access by reusing older sessions even after password changes. The post Critical Vulnerability Found in Apache Roller Blog Server appeared first on SecurityWeek.