Feb 04, 2025Ravie LakshmananVulnerability / Threat Intelligence Cybersecurity researchers have called attention to a software supply chain attack targeting the Go ecosystem that involves a malicious package capable of granting the adversary remote access to infected systems. The package, named github.com/boltdb-go/bolt, is a typosquat of the legitimate BoltDB database module … [Read more...] about Malicious Go Package Exploits Module Mirror Caching for Persistent Remote Access
access
Over Two Dozen Flaws Identified in Advantech Industrial Wi-Fi Access Points – Patch ASAP
Nov 28, 2024Ravie LakshmananIoT Security / Vulnerability Nearly two dozen security vulnerabilities have been disclosed in Advantech EKI industrial-grade wireless access point devices, some of which could be weaponized to bypass authentication and execute code with elevated privileges. "These vulnerabilities pose significant risks, allowing unauthenticated remote code … [Read more...] about Over Two Dozen Flaws Identified in Advantech Industrial Wi-Fi Access Points – Patch ASAP
Gophish Framework Used in Phishing Campaigns to Deploy Remote Access Trojans
Russian-speaking users have become the target of a new phishing campaign that leverages an open-source phishing toolkit called Gophish to deliver DarkCrystal RAT (aka DCRat) and a previously undocumented remote access trojan dubbed PowerRAT. "The campaign involves modular infection chains that are either Maldoc or HTML-based infections and require the victim's intervention to … [Read more...] about Gophish Framework Used in Phishing Campaigns to Deploy Remote Access Trojans
SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access
Aug 26, 2024Ravie LakshmananVulnerability / Enterprise Security SonicWall has released security updates to address a critical flaw impacting its firewalls that, if successfully exploited, could grant malicious actors unauthorized access to the devices. The vulnerability, tracked as CVE-2024-40766 (CVSS score: 9.3), has been described as an improper access control bug. "An … [Read more...] about SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access
CrowdStrike’s Kernel Access and Security Architecture
Context In today’s rapidly evolving threat landscape, the need for dynamic security measures is critical. Due to Windows’s current architecture and design, security products running in the platform, particularly those involved in endpoint protection, require kernel access to provide the highest level of visibility, enforcement and tamper-resistance, while meeting the strict … [Read more...] about CrowdStrike’s Kernel Access and Security Architecture
Next-level quality in radio access network management: Creating better customer experiences with ViewRAN solutions and the Elastic Stack
In a world where networks expand, data demands escalate, and customer expectations rise, ViewRAN diagnostic tools, supported by Elasticsearch, stand as a must for modern telecommunication operators. Committed to delivering top-tier radio access network (RAN) monitoring and diagnostics, ViewRAN provides ongoing instant prompts and insights to mobile network operators. This … [Read more...] about Next-level quality in radio access network management: Creating better customer experiences with ViewRAN solutions and the Elastic Stack
Cisco Enhances Zero Trust Access with Google
Cisco Secure Access provides a broad set of security functions in one unified solution to make both users and the IT team more productive, but no single solution can cover all security requirements. With this perspective Secure Access is actively building a strong technology ecosystem to more efficiently serve the wider needs in the market. This week Cisco announced an … [Read more...] about Cisco Enhances Zero Trust Access with Google
AI Company Hugging Face Detects Unauthorized Access to Its Spaces Platform
Jun 01, 2024NewsroomAI-as-a-Service / Data Breach Artificial Intelligence (AI) company Hugging Face on Friday disclosed that it detected unauthorized access to its Spaces platform earlier this week. "We have suspicions that a subset of Spaces' secrets could have been accessed without authorization," it said in an advisory. Spaces offers a way for users to create, host, and … [Read more...] about AI Company Hugging Face Detects Unauthorized Access to Its Spaces Platform
Accelerating SaaS security certifications to maximize market access
The regulatory landscape for Software-as-a-Service (SaaS) offerings is rapidly changing worldwide as governments seek to address concerns around privacy, security, and data sovereignty. While the European Union’s Cybersecurity Certification Scheme for Cloud Services (EUCS) has set a high standard for data protection, Asian countries are also stepping up their regulatory … [Read more...] about Accelerating SaaS security certifications to maximize market access
Using Elastic as a global data mesh: Unify data access with security, governance, and policy
Data mesh vs. data fabricWe should probably start with what it’s not. A “data mesh” is not the same as a “data fabric.” A data fabric allows data flowing in from across the enterprise (from the edge, the network, the applications, the appliances . . . literally everywhere) to be confidently received and persisted, making it available for delivery to any consumers who might want … [Read more...] about Using Elastic as a global data mesh: Unify data access with security, governance, and policy