The US Cybersecurity and Infrastructure Security Agency (CISA) warns of three actively exploited vulnerabilities, including a flaw in Microsoft Windows Mark of the Web (MOTW), a command injection vulnerability in Sophos Web Appliance, and an unspecified vulnerability in Oracle Fusion Middleware affecting WebLogic Server.
Appin, an Indian cyberespionage firm, has been confirmed to be involved in incidents of cyber espionage and surveillance worldwide, targeting high-profile individuals such as executives, politicians, military officials, and wealthy elites.
Allyn Stott, senior staff engineer at Airbnb, discusses the importance of a proper framework in helping IT security leaders develop the essential capabilities of a modern program, focusing on proactive and early threat detection and collaboration with partner teams.
The Kritec skimming campaign, carried out by the hacker group Magecart, utilizes sophisticated techniques to steal credit card information from online shoppers, posing a significant threat to individuals and businesses.
Bitdefender Labs has discovered vulnerabilities in Google Workspace that could result in ransomware attacks, data exfiltration, and unauthorized access to Google Cloud Platform, posing significant risks to organizations using the platform.
A recent report by Delinea Research highlights the challenges organizations face in implementing passwordless technology in the workplace, including reliance on passwords and multi-factor authentication in legacy platforms, the need for consistent authentication methods, and employee resistance, while also emphasizing compliance requirements.
