GitLab warns of critical zero-click account hijacking vulnerability
GitLab has released security updates for both the Community and Enterprise Edition to address two critical vulnerabilities, one of them…
Zombie APIs: The Scariest Threat Lurking in The Shadows?
By Dan Hopkins, VP of Engineering at StackHawk IT modernization and digital transformation initiatives, combined with faster software deployment lifecycles,…
ShinyHunters member gets 3 years in prison for breaching 60 firms
The U.S. District Court in Seattle sentenced ShinyHunters member Sebastien Raoult to three years in prison and ordered a restitution…
Dubai-US Deal Aims to Secure Medical, IoT Devices in the Middle East
IoT surge across the Middle East spawns demand for more secure devices in business, healthcare, and energy.
Xerox says subsidiary XBS U.S. breached after ransomware gang leaks data
The U.S. division of Xerox Business Solutions (XBS) has been compromised by hackers, and a limited amount of personal information…
Palo Alto Networks Closes Talon Cybersecurity Acquisition
The Talon acquisition extends Palo Alto Networks' best-in-class SASE solution to help protect all managed and unmanaged devices.
Apache OFBiz RCE flaw exploited to find vulnerable Confluence servers
A critical Apache OFBiz pre-authentication remote code execution vulnerability is being actively exploited using public proof of concept (PoC) exploits. [...]
Europe Sees More Hacktivism, GDPR Echoes, and New Security Laws Ahead for 2024
Political and economic motivations impel nation-state and independent hackers, while the European Union strives to keep its members secure and…
Fake VPN Chrome extensions force-installed 1.5 million times
Three malicious Chrome extensions posing as VPN (Virtual Private Networks) infected were downloaded 1.5 million times, acting as browser hijackers,…
8 Strategies for Defending Against Help Desk Attacks
The help desk is under siege from AI-based and other attacks. Next-gen tactics call for in-depth cyber-defense strategies.