Aug 09, 2024Ravie LakshmananVulnerability / Network Security Microsoft on Thursday disclosed four medium-severity security flaws in the open-source OpenVPN software that could be chained to achieve remote code execution (RCE) and local privilege escalation (LPE). "This attack chain could enable attackers to gain full control over targeted endpoints, potentially resulting in … [Read more...] about Microsoft Reveals Four OpenVPN Flaws Leading to Potential RCE and LPE
Reveals
Elastic’s Lisa Jones-Huff reveals how she thrives in a startup atmosphere
Meet Lisa Jones-Huff, the senior director of global security specialists at Elastic and a startup enthusiast. From her first startup experience in 2003 to now leading a growing team of security experts, Lisa thrives on being self-motivated, innovative, and collaborative.“I prefer not to come into an environment where you're farming the land after someone else has done the work. … [Read more...] about Elastic’s Lisa Jones-Huff reveals how she thrives in a startup atmosphere
Public Sector Hit in Sudden Surge, Reveals New Report
Aug 15, 2023The Hacker NewsThreat Intelligence / Cyber Attacks The just-released BlackBerry Global Threat Intelligence Report reveals a 40% increase in cyberattacks against government and public service organizations versus the previous quarter. This includes public transit, utilities, schools, and other government services we rely on daily. With limited resources and often … [Read more...] about Public Sector Hit in Sudden Surge, Reveals New Report
New Report Reveals Shuckworm’s Long-Running Intrusions on Ukrainian Organizations
Jun 15, 2023Ravie LakshmananCyber War / Threat Intel The Russian threat actor known as Shuckworm has continued its cyber assault spree against Ukrainian entities in a bid to steal sensitive information from compromised environments. Targets of the recent intrusions, which began in February/March 2023, include security services, military, and government organizations, Symantec … [Read more...] about New Report Reveals Shuckworm’s Long-Running Intrusions on Ukrainian Organizations
Twilio Reveals Another Breach from the Same Hackers Behind the August Hack
Communication services provider Twilio this week disclosed that it experienced another "brief security incident" in June 2022 perpetrated by the same threat actor behind the August hack that resulted in unauthorized access of customer information. The security event occurred on June 29, 2022, the company said in an updated advisory shared this week, as part of its probe into … [Read more...] about Twilio Reveals Another Breach from the Same Hackers Behind the August Hack
MITRE CTID Partnership Reveals Insider Threat Tactic
Remote working has exposed companies to greater levels of insider risk, which can result in data exfiltration, fraud and confidential information leakage CrowdStrike is a founding sponsor and lead contributor to the new MITRE Insider Threat Knowledge Base, continuing its industry leadership in protecting organizations from external attacks and internal threats The CrowdStrike … [Read more...] about MITRE CTID Partnership Reveals Insider Threat Tactic
TellYouThePass Ransomware Analysis Reveals Modern Reinterpretation Using Golang
TellYouThePass ransomware, discovered in 2019, recently re-emerged compiled using Golang Golang’s popularity among malware developers makes cross-platform development more accessible TellYouThePass ransomware was recently associated with Log4Shell post-exploitation, targeting Windows and Linux The CrowdStrike Falcon® platform protects customers from Golang-written … [Read more...] about TellYouThePass Ransomware Analysis Reveals Modern Reinterpretation Using Golang
New CISOs Survey Reveals How Small Cybersecurity Teams Can Confront 2021
The pressure on small to medium-sized enterprises to protect their organizations against cyberthreats is astronomical. These businesses face the same threats as the largest enterprises, experience the same (relative) damages and consequences when breaches occur as the largest enterprises but are forced to protect their organizations with a fraction of the resources as the … [Read more...] about New CISOs Survey Reveals How Small Cybersecurity Teams Can Confront 2021
Microsoft Reveals New Innocent Ways Windows Users Can Get Hacked
Microsoft earlier today released its August 2020 batch of software security updates for all supported versions of its Windows operating systems and other products.This month's Patch Tuesday updates address a total of 120 newly discovered software vulnerabilities, of which 17 are critical, and the rest are important in severity.In a nutshell, your Windows computer can be hacked … [Read more...] about Microsoft Reveals New Innocent Ways Windows Users Can Get Hacked
Facebook Reveals New Data Leak Incident Involving Groups’ Members
Facebook today revealed yet another security incident admitting that roughly 100 app developers may have improperly accessed its users' data in certain Facebook groups, including their names and profile pictures.In a blog post published Tuesday, Facebook said the app developers that unauthorizedly access this information were primarily social media management and video … [Read more...] about Facebook Reveals New Data Leak Incident Involving Groups’ Members