Security vulnerabilities stories - Page 2

Check Point finds potential cybercrime scenarios in ChatGPT4
Mon, 20th Mar 2023
#
malware
#
phishing
#
cybersecurity
Check Point analysed ChatGPT4 and released five scenarios that threat actors can exploit to streamline malicious efforts faster and more precisely.

Claroty uncovers vulnerabilities in Akuvox intercom system
Wed, 15th Mar 2023
#
data protection
#
cybersecurity
#
iot
Claroty has uncovered 13 vulnerabilities in the Akuvox E11 smart intercom system, making the camera and microphone vulnerable and compromising video and images.

Imperva uncovers vulnerabilities in NFT marketplace OpenSea
Tue, 14th Mar 2023
#
phishing
#
cybersecurity
#
open source
Imperva threat team has uncovered recently that NFT marketplace OpenSea is affected by a vulnerability that reveals users' identities.

Public sector IT teams must adopt a new approach to app security
Tue, 7th Mar 2023
#
application security
#
devsecops
#
it industry
Technologists are struggling to manage soaring volumes of emerging cyber threats across an increasingly dynamic and fragmented IT environment.

How to get cyber insurance – what mid-sized organisations need to know
Thu, 2nd Mar 2023
#
cybersecurity insurance
#
cybersecurity
#
mfa
Cyber insurance is not a silver bullet to all these woes, but it does provide a significant safety net to organisations that have already achieved a basic level of cyber resilience.

Attackers deploying exploits faster than ever, finds Rapid7
Wed, 1st Mar 2023
#
cybersecurity
#
it solutions
#
security vulnerabilities
Rapid7 Vulnerability Intelligence Report finds attackers developing and deploying exploits faster, with an 87% increase in first-week exploitation since 2020.

High-profile data leaks in Australia add a new level of urgency to cybersecurity protections
Fri, 24th Feb 2023
#
phishing
#
cybersecurity
#
data leak
Given that most large organisations have made significant cybersecurity investments yet have poorly resourced security teams under enormous stress, what can be done to reduce the likelihood of incidents occurring?

The bad password advice you need to leave behind in 2023
Wed, 22nd Feb 2023
#
cybersecurity
#
passwords
#
enterprise security
For companies to better meet cybersecurity standards, it's time to throw away the bad password advice and take steps to eliminate passwords once and for all.

Cyber vulnerabilities found by internal research teams up 80%
Wed, 15th Feb 2023
#
iot
#
security vulnerabilities
#
research
"Vendors are embracing the need to secure cyber-physical systems by dedicating time, people, and money to not only patching software and firmware vulnerabilities, but also to product security teams."

Sysdig reveals 87% of Container Images have vulnerabilities
Fri, 3rd Feb 2023
#
cloud security
#
security vulnerabilities
#
containers
The report looks at real-world data to understand how global companies and industries use and secure cloud and container environments.

Will 2023 be a pivot year for cybersecurity?
Thu, 2nd Feb 2023
#
cybersecurity
#
skills shortage
#
security vulnerabilities
In the past, mega vulnerabilities happened once a quarter, but this past year we've been dealing with critical vulnerabilities almost weekly in some cases.

Service meshes are an emerging way for application teams to implement Zero Trust
Thu, 2nd Feb 2023
#
cybersecurity
#
security vulnerabilities
#
cyber threats
The challenge for organisations is that even with a secure perimeter, internal systems and data can be compromised if a malicious actor gets in or another internal system has a vulnerability.

China-based threat group targeting public cloud - Radware
Fri, 20th Jan 2023
#
ransomware
#
public cloud
#
malware
Radware has issued a threat advisory about a for-profit threat group from China known as the 8220 Gang, who has emerged in the New Year targeting public cloud environments.

Trustwave provides new feature for threat hunting platform
Thu, 19th Jan 2023
#
cybersecurity
#
trustwave
#
security vulnerabilities
Trustwave has relaunched its Advanced Continual Threat Hunting platform with a unique feature allowing its SpiderLabs threat hunting teams to carry out many more human-led threat hunts.

Claroty’s Team82 finds vulnerabilities in historian server
Thu, 19th Jan 2023
#
cybersecurity
#
security vulnerabilities
#
data breach
Claroty's research team, Team82, has examined the GE Proficy Historian, finding five exploitable vulnerabilities capable of causing damage to the system.

Data breach in 2023 to exceed US$5 million/incident: Acronis
Thu, 29th Dec 2022
#
ransomware
#
phishing
#
cybersecurity
Between July and October, Acronis found that the proportion of phishing attacks has risen by 1.3, accounting for 76% of all attacks.

GreyNoise Intelligence identifies exploitation threats for 2023
Fri, 23rd Dec 2022
#
cybersecurity
#
internet
#
business analyst
“When it comes to cybersecurity, not all vulnerabilities are created equal, and many of the ones that garner media attention actually turn out to be insignificant."

Iran-sponsored group using GitHub to deploy custom malware
Tue, 13th Dec 2022
#
secureworks
#
security vulnerabilities
#
github
The Secureworks Counter Threat Unit (CTU) has uncovered a subgroup of Iranian Cobalt Mirage using GitHub to store and deploy malware.

China-based threat group targeting SE Asia, says Mandiant
Fri, 9th Dec 2022
#
malware
#
cybersecurity
#
security vulnerabilities
Identified as UNC4191, this cyber espionage threat leverages USB devices as an initial infection vector, concentrates on the Philippines, and has a China nexus.

ASX 200 companies on-par with FTSE 350, Fortune 500 - report
Mon, 5th Dec 2022
#
email security
#
asx
#
security vulnerabilities
A new report by Rapid7 has found that companies listed on the ASX 200 have a good security posture, and the attack surface overall is on-par with global counterparts in the FTSE 350 and Fortune 500.

Rapid7 unveils new capabilities to simplify CDR at AWS event
Thu, 1st Dec 2022
#
aws
#
security vulnerabilities
#
rapid7
Rapid7 is showcasing a range of new capabilities at Amazon Web Services (AWS) re:Invent 2022, designed to make cloud detection and response (CDR) and vulnerability assessments easier.

Varonis Systems launches new program through HackerOne
Thu, 1st Dec 2022
#
saas
#
cloud security
#
security vulnerabilities
Data security and analytics pioneer Varonis Systems has launched its public vulnerability disclosure program through HackerOne.

Forescout’s Vedere Labs details OT vulnerabilities in latest study
Wed, 30th Nov 2022
#
it in manufacturing
#
attack
#
forescout technologies
Forescout’s Vedere Labs disclosed an update to its OT:ICEFALL study distributed in June 2022, which detailed vulnerabilities found in thousands of OT devices.

Gallagher named Security Software Manufacturer of the Year
Mon, 28th Nov 2022
#
gallagher
#
integrated products
#
security vulnerabilities
Global security manufacturer Gallagher has been awarded the Security Software Manufacturer of the Year accolade at the 2022 Security & Fire Excellence Awards.