Information Security newsfeeds from around the world in English and French. Find it all in one place… here.
Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between April 9 and April 16. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavioral characteristics,… [[ This is only the beginning! Please visit the […]
Continue ReadingWidely deployed platforms from Citrix, Fortinet, Pulse Secure, Synacor and VMware are all in the crosshairs of APT29, bent on stealing credentials and more. Source: Threatpost.com
Continue ReadingMultiple vulnerabilities in the OpENer stack could be exploited in attacks aimed at supervisory control and data acquisition (SCADA) and other industrial systems that use OpENer. read more Source: Security Week
Continue ReadingA critical vulnerability patched recently by networking and cybersecurity solutions provider Juniper Networks could allow an attacker to remotely hijack or disrupt affected devices. read more Source: Security Week
Continue ReadingMatt Bromiley, senior principal consultant with Mandiant, offers checklists for how small- and medium-sized businesses (SMBs) can identify and clear ProxyLogon Microsoft Exchange infections. Source: Threatpost.com
Continue ReadingThe zero-day flaw research group has revised its disclosure of the technical details of vulnerabilities in the hopes of speeding up the release and adoption of fixes. Source: Threatpost.com
Continue ReadingGoogle’s Project Zero cybersecurity research unit on Thursday announced that it’s making some changes to its vulnerability disclosure policies, giving users 30 days to install patches before disclosing the technical details of a flaw. read more Source: Security Week
Continue ReadingSecurity response professionals are scrambling to measure the fallout from a software supply chain compromise of Codecov Bash Uploader that went undetected since January and exposed sensitive secrets like tokens, keys and credentials from organizations around the world. read more Source: Security Week
Continue ReadingMore than 40 organizations have been targeted in a global campaign focused on the COVID-19 vaccine cold chain infrastructure, which handles the distribution of vaccines and their storage at the required temperatures. read more Source: Security Week
Continue ReadingThe IoT-targeted malware has also added new exploits for initial compromise, for Huawei, Realtek and Dasan GPON devices. Source: Threatpost.com
Continue Reading