Cisco has released a patch for a critical vulnerability in its Unified Communications and Contact Center Solutions products, which allows remote attackers to execute arbitrary code on affected devices by exploiting insecure processing of user-supplied data.
Microsoft and Hewlett Packard Enterprise disclose that they were targeted in cyber attacks by Russian state-sponsored threat actors known as APT29 or by various other names including BlueBravo, Cloaked Ursa, Cozy Bear, Midnight Blizzard, and The Dukes, resulting in the compromise of email accounts and theft of sensitive information.
A recent study by Cisco reveals that 27% of organizations have temporarily banned the use of generative AI due to concerns over privacy and data security risks, while 48% admit to inputting non-public company information into generative AI tools, raising concerns about legal and intellectual property rights.
The Defense-in-Depth strategy can be enhanced with Breach and Attack Simulation (BAS) to proactively identify and mitigate potential security gaps, improving cyber resilience against sophisticated threats.
Cybersecurity researchers analyze the command-and-control server of the SystemBC malware, exposing its ability to serve as a persistent backdoor for threat actors and deliver additional payloads.
The 2023/2024 Axur Threat Landscape Report highlights a threefold increase in leaked credit and debit card details, a surge in credential leaks and info stealers, and an increase in brand misuse and digital fraud, emphasizing the urgent need for organizations to enhance their cybersecurity measures.
