The zero-day (CVE-2024-49138), plus a worryingly critical unauthenticated RCE security vulnerability (CVE-2024-49112), are unwanted gifts for security admins this season.
Ivanti warned customers on Tuesday about a new maximum-severity authentication bypass vulnerability in its Cloud Services Appliance (CSA) solution. [...]
How Cryptocurrency Turns to Cash in Russian Banks
A financial firm registered in Canada has emerged as the payment processor for dozens of Russian cryptocurrency exchanges and websites…
Top DOGE senator demands answers on plan to exhaust CHIPs Act funds before Trump arrives
Senate DOGE Caucus leader Joni Ernst of Iowa is sending letter to Commerce Secretary Gina Raimondo about her recent comments…
Actively Exploited Zero-Day, Critical RCEs Lead Microsoft Patch Tuesday
The zero-day (CVE-2024-49138), plus a worryingly critical unauthenticated RCE security vulnerability (CVE-2024-49112), are unwanted gifts for security admins this season.
Ivanti warns of maximum severity CSA auth bypass vulnerability
Ivanti warned customers on Tuesday about a new maximum-severity authentication bypass vulnerability in its Cloud Services Appliance (CSA) solution. [...]
Steps To Protect Against Cybersecurity Threats During Mergers and Acquisitions
Transactions involving U.S. targets and acquirers continue to represent a substantial percentage of overall deal volume, with U.S. M&A exceeding…
Nearly all Fortune 500 companies still maintain corporate DEI commitments: report
Almost every single Fortune 500 company continues to maintain some form of DEI commitment, a new report shows, even though…
Open Source Security Priorities Get a Reshuffle
The "Census of Free and Open Source Software" report, which identifies the most critical software projects, sees more cloud infrastructure…
Library of Congress Offers AI Legal Guidance to Researchers
Researchers testing generative AI systems can use prompt injection, re-register after being banned, and bypass rate limits without running afoul…
Bypass Bug Revives Critical N-Day in Mitel MiCollab
A single barrier prevented attackers from exploiting a critical vulnerability in an enterprise collaboration platform. Now there's a workaround.
Onapsis Expands Code Security Capabilities to Accelerate and De-Risk SAP BTP Development Projects
PRESS RELEASE BOSTON, MA — December 4, 2024 – Onapsis, the global leader in SAP cybersecurity and...