Aug 15, 2023The Hacker NewsThreat Intelligence / Cyber Attacks The just-released BlackBerry Global Threat Intelligence Report reveals a 40% increase in cyberattacks against government and public service organizations versus the previous quarter. This includes public transit, utilities, schools, and other government services we rely on daily. With limited resources and often … [Read more...] about Public Sector Hit in Sudden Surge, Reveals New Report
hacker news
Rips in Your Identity Fabric
Why SaaS Security Is a Challenge In today's digital landscape, organizations are increasingly relying on Software-as-a-Service (SaaS) applications to drive their operations. However, this widespread adoption has also opened the doors to new security risks and vulnerabilities. The SaaS security attack surface continues to widen. It started with managing misconfigurations and now … [Read more...] about Rips in Your Identity Fabric
Multiple Flaws in CyberPower and Dataprobe Products Put Data Centers at Risk
Aug 12, 2023THNServer Security / Cyber Threat Multiple security vulnerabilities impacting CyberPower's PowerPanel Enterprise Data Center Infrastructure Management (DCIM) platform and Dataprobe's iBoot Power Distribution Unit (PDU) could be potentially exploited to gain unauthenticated access to these systems and inflict catastrophic damage in target environments. The nine … [Read more...] about Multiple Flaws in CyberPower and Dataprobe Products Put Data Centers at Risk
Zoom ZTP & AudioCodes Phones Flaws Uncovered, Exposing Users to Eavesdropping
Aug 12, 2023THNVulnerability / Privacy Multiple security vulnerabilities have been disclosed in AudioCodes desk phones and Zoom's Zero Touch Provisioning (ZTP) that could be potentially exploited by a malicious attacker to conduct remote attacks. "An external attacker who leverages the vulnerabilities discovered in AudioCodes Ltd.'s desk phones and Zoom's Zero Touch … [Read more...] about Zoom ZTP & AudioCodes Phones Flaws Uncovered, Exposing Users to Eavesdropping
Google Adds Quantum-Resistant Encryption in Chrome 116
Aug 11, 2023THNEncryption / Browser Security Google has announced plans to add support for quantum-resistant encryption algorithms in its Chrome browser, starting with version 116. "Chrome will begin supporting X25519Kyber768 for establishing symmetric secrets in TLS, starting in Chrome 116, and available behind a flag in Chrome 115," Devon O'Brien said in a post published … [Read more...] about Google Adds Quantum-Resistant Encryption in Chrome 116
Encryption Flaws in Popular Chinese Language App Put Users’ Typed Data at Risk
Aug 10, 2023THNPrivacy / Encryption A widely used Chinese language input app for Windows and Android has been found vulnerable to serious security flaws that could allow a malicious interloper to decipher the text typed by users. The findings from the University of Toronto's Citizen Lab, which carried out an analysis of the encryption mechanism used in Tencent's Sogou Input … [Read more...] about Encryption Flaws in Popular Chinese Language App Put Users’ Typed Data at Risk
Continuous Security Validation with Penetration Testing as a Service (PTaaS)
Validate security continuously across your full stack with Pen Testing as a Service. In today's modern security operations center (SOC), it's a battle between the defenders and the cybercriminals. Both are using tools and expertise – however, the cybercriminals have the element of surprise on their side, and a host of tactics, techniques, and procedures (TTPs) that have … [Read more...] about Continuous Security Validation with Penetration Testing as a Service (PTaaS)
Understanding Active Directory Attack Paths to Improve Security
Introduced in 1999, Microsoft Active Directory is the default identity and access management service in Windows networks, responsible for assigning and enforcing security policies for all network endpoints. With it, users can access various resources across networks. As things tend to do, times, they are a'changin' – and a few years back, Microsoft introduced Azure Active … [Read more...] about Understanding Active Directory Attack Paths to Improve Security
Open Source XDR and SIEM
Aug 07, 2023The Hacker NewsSIEM and XDR Platform In today's interconnected world, evolving security solutions to meet growing demand is more critical than ever. Collaboration across multiple solutions for intelligence gathering and information sharing is indispensable. The idea of multiple-source intelligence gathering stems from the concept that threats are rarely isolated. … [Read more...] about Open Source XDR and SIEM
Empowering Organizations with Enhanced Security
Aug 05, 2023The Hacker NewsManaged Detection and Response Managed Detection and Response (MDR) has emerged as a crucial solution for organizations looking to bolster their security measures. MDR allows businesses to outsource the management of Endpoint Detection and Response (EDR) products deployed across their network domain. With real-time threat-hunting capabilities, MDR … [Read more...] about Empowering Organizations with Enhanced Security