by Beck Bailey | Sep 20, 2024 | RSS
Ivanti has revealed that a critical security flaw impacting Cloud Service Appliance (CSA) has come under active exploitation in the wild. The new vulnerability, assigned the CVE identifier CVE-2024-8963, carries a CVSS score of 9.4 out of a maximum of 10.0. It was...
by Beck Bailey | Sep 19, 2024 | RSS
Many GitHub users this week received a novel phishing email warning of critical security holes in their code. Those who clicked the link for details were asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes Microsoft Windows...
by Beck Bailey | Sep 19, 2024 | RSS
Until just a couple of years ago, only a handful of IAM pros knew what service accounts are. In the last years, these silent Non-Human-Identities (NHI) accounts have become one of the most targeted and compromised attack surfaces. Assessments report that compromised...
by Beck Bailey | Sep 19, 2024 | RSS
CrowdStrike faced a crisis on July 19 when an update went horribly wrong. The company faced a firestorm of criticism. Doubts were raised about its survival. Rather than going into PR spin mode, George Kurtz, CEO and founder of CrowdStrike, spent weeks addressing the...
by Beck Bailey | Sep 19, 2024 | RSS
Threat actors have been observed targeting the construction sector by infiltrating the FOUNDATION Accounting Software, according to new findings from Huntress. “Attackers have been observed brute-forcing the software at scale, and gaining access simply by using...
Recent Comments