Cybersecurity
Category Added in a WPeMatico Campaign
VC investment trends in the cybersecurity market suggest a sector in decline — at least within the context of recent months. According to Crunchbase, cybersecurity deal count fell during Q3 to 153 deals from 181 in Q2. In a more detailed report, Crunchbase suggests that, with Q3 cybersecurity venture funding down 30% compared to the […]
Apache fixed Critical RCE flaw CVE-2023-50164 in Struts 2 Pierluigi Paganini December 11, 2023 The Apache Software Foundation addressed a critical remote code execution vulnerability in the Apache Struts 2 open-source framework. The Apache Software Foundation released security updates to address a critical file upload vulnerability in the Struts 2 open-source framework. Successful exploitation of […]
Security experts have unmasked a new trick adopted by the GULOADER malware to evade detection by antivirus software. The highly evasive shellcode downloader malware, which typically spreads through emails bearing ZIP archives or links containing a VBScript file, has been found leveraging Vectored Exception Handler (VEH) capability to make analysis challenging. More in detail According […]
Insider threats, including both malicious attacks and unintentional risks, are on the rise, with privilege escalation exploits being a significant component of unauthorized activity.
CISA and ENISA signed a Working Arrangement to enhance cooperation Pierluigi Paganini December 11, 2023 ENISA has signed a Working Arrangement with the US CISA to enhance capacity-building, best practices exchange and awareness. The European Union Agency for Cybersecurity (ENISA) has signed a Working Arrangement with the Cybersecurity and Infrastructure Security Agency (CISA) to enhance […]
Dec 11, 2023NewsroomVulnerability / Espionage The notorious North Korea-linked threat actor known as the Lazarus Group has been attributed to a new global campaign that involves the opportunistic exploitation of security flaws in Log4j to deploy previously undocumented remote access trojans (RATs) on compromised hosts. Cisco Talos is tracking the activity under the name Operation […]
The United Kingdom on Friday sanctioned 14 individuals and entities connected to Southeast Asia’s sprawling online scamming industry — the first such designation directly targeting the human traffickers who con workers into carrying out fraud. The sanctions announced by the Treasury target nine individuals with links to so-called “scam compounds” — where workers are held […]
Researcher discovered a new lock screen bypass bug for Android 14 and 13 Pierluigi Paganini December 10, 2023 Researchers discovered a lock screen bypass bug in Android 14 and 13 that could expose sensitive data in users’ Google accounts. The security researcher Jose Rodriguez (@VBarraquito) discovered a new lock screen bypass vulnerability for Android 14 and 13. […]
Risk, compliance, governance, and security professionals are finally realizing the importance of subjecting sensitive workloads to robust data governance and protection the moment the data begins traversing the data pipeline. Many organizations no longer feel it’s adequate to secure data only once it “settles” in a cloud data warehouse, and know that they must begin […]