Cybersecurity
Category Added in a WPeMatico Campaign
Dive Brief: Distributed denial of service attacks escalated during the third quarter, as a novel zero-day vulnerability led to a series of record-breaking attacks that continued into the month of October, according to a report released Thursday by Cloudflare. Exploits of the HTTP/2 Rapid Reset vulnerability led to record breaking incidents, as Cloudflare reported 89 […]
The government of Philadelphia said hackers spent at least three months inside city email systems, giving them wide access to health information stored in email accounts. The city did not respond to requests for comment about how many people were affected by the situation, but in a notice released on Friday officials said an unauthorized […]
Oct 27, 2023NewsroomNetwork Security / Vulnerability F5 has alerted customers of a critical security vulnerability impacting BIG-IP that could result in unauthenticated remote code execution. The issue, rooted in the configuration utility component, has been assigned the CVE identifier CVE-2023-46747, and carries a CVSS score of 9.8 out of a maximum of 10. “This vulnerability […]
Authorised push payment (APP) fraud continues to be a major headache for the UK banking industry and its customers, contributing to almost half a billion pounds in losses in the first half of 2023, according to UK Finance. The banking body’s 2023 Half Year Fraud Update noted that although the headline figure for fraud losses […]
A leading US cybersecurity agency has published a new set of online resources designed to help IT security leaders in the healthcare sector to improve their organization’s security posture. The Cybersecurity Toolkit for Healthcare and Public Health features a range of information, guidance and practical tooling to help reduce cyber-risk and the “likelihood of successful cyber-incursions” […]
The newly released Security and Exchange Commission (SEC) cyber incident disclosure rules have been met with mixed reviews. Of particular concern is whether public companies who own and operate industrial control systems and connected IoT infrastructure are prepared to fully define operational risk, and therefore are equipped to fully disclose material business risk from cyber […]
Mozilla and Google this week announced software updates for Firefox and Chrome that address multiple high-severity vulnerabilities, including memory safety bugs. On Tuesday, Mozilla released Firefox 119 with patches for 11 vulnerabilities, including three high-severity issues. The first of the flaws, CVE-2023-5721, is an insufficient activation-delay bug that could result in the user unintentionally activating […]
Oct 26, 2023NewsroomData Security / Vulnerability A group of academics has devised a novel side-channel attack dubbed iLeakage that exploits a weakness in the A- and M-series CPUs running on Apple iOS, iPadOS, and macOS devices, enabling the extraction of sensitive information from the Safari web browser. “An attacker can induce Safari to render an […]
This attack bypasses standard side-channel protections implemented by browser vendors and can retrieve data from Safari, as well as other browsers like Firefox, Tor, and Edge on iOS.