Hot Topics

Threats & Breaches

LayerSlider Plugin Flaw Exposes 1M Sites To SQL Injections

| | CVE-2024-2879, Cybersecurity, Cybersecurity News, Data breach, exploitation, LayerSlider Plugin, patch management, security flaw, sql injection, threat actors, vulnerability, vulnerability assessment, Website Protection, Website Security, wordpress security
Recent media reports have revealed a crucial LayerSlider plugin flaw. According to these reports, this flaw has exposed numerous WordPress sites to SQL attacks and infections. If exploited, the flaw allows users ...
TuxCare

Linux Backdoor Infection Scare, Massive Social Security Number Heist

| | backdoor, Cyber Security, Cybersecurity, Data breach, Data Privacy, Digital Privacy, Episodes, government, Government Contractor, Hacking, Information Security, Infosec, Linux, open source, pii, Podcast, Podcasts, Privacy, security, sensitive data, Social Security Numbers, technology, Weekly Edition, XZ Utils
In episode 325, Tom and Kevin discuss a significant backdoor threat that nearly compromised Linux systems globally, stemming from an infiltration into an open-source project called XZ Utils by attackers who gained ...
Shared Security Podcast

CISA Warns of Compromised Microsoft Accounts

| | , Active Directory, Cybersecurity, Data breaches, Regulation and Compliance
The directive is known as Emergency Directive 24-02 addresses the risk of compromised Microsoft accounts for federal agencies & corporations. The post CISA Warns of Compromised Microsoft Accounts appeared first on Enzoic ...
Blog | Enzoic

Balbix Guide to XZ Utils Backdoor

| | asset inventory, CAASM, cyber resilience, Cybersecurity Risk Management, Vulnerability Management
Executive Summary On March 29, 2024, developer Andres Freund reported the discovery of a backdoor in XZ Utils, affecting v5.6.0 and 5.6.1. XZ Utils, which provides compression tools for the .xz format, ...
Blog – Balbix
Seal of the Cybersecurity & Infrastructure Security Agency

Sisense Hacked: CISA Warns Customers at Risk

| | Amazon Web Services (AWS), aws, AWS access keys, AWS bucket, cisa, CISA Advisories, CISA Advisory, CISA Alert, CISA warning, CISA.gov, depth, NSA/CISA, Sangram Dash, SB Blogwatch, Sisense
A hard-coded credential catastrophe: The analytics firm kept big companies’ secrets in an insecure AWS bucket. Government says victims include the “critical infrastructure sector.” ...
Security Boulevard

Unlocking the Power of Data-Centric SAP Security: A Look at Pathlock CAC Through Kuppinger Cole’s Lens

| | Access Governance, Application Security, Vulnerability Management
Last month, Kuppinger Cole, a globally recognized analyst organization, took a closer look at Pathlock’s Cybersecurity Application Controls (CAC) product in a detailed Executive View report. Known for their impartial and thorough ...
Pathlock

TheMoon Botnet Facilitates Faceless To Exploit EoL Devices

| | Antivirus updates, Black Lotus Labs, botnet, Cyber Threats, Cybersecurity, Cybersecurity News, Data breaches, digital security, End-of-Life devices, Faceless, IoT Security, Lumen Technologies, Multi-Factor Authentication (MFA), Network Security, patch management, Phishing Attacks, Proactive defense, Resilience strategies, TheMoon Botnet, Threat Intelligence, Vulnerability Management
In a digital landscape fraught with threats, vigilance is paramount. The cybercriminals are exploiting End-of-Life devices to perpetrate their malicious activities. Recently, Black Lotus Labs, the formidable threat intelligence arm of Lumen ...
TuxCare
Russia Microsoft hack

CISA: Russian Hackers Stole Emails Between U.S. Agencies and Microsoft

| | CISA Emergency Directive, Microsoft, Midnight Blizzard, Russian hackers
The U.S. cybersecurity agency in an emergency directive is ordering affected agencies to address risks stemming from the attack ...
Security Boulevard

Why Major American Companies Held a Joint Cyber Drill, and You Should Too

| | Blog, china, cyberattack, nation, Threats and Trends
Employees from large US enterprises, including Mastercard, Lumen Technologies, AT&T, and others recently joined with ...
Blog – Coro Cybersecurity
The Evolving Triad of Cyber Threats: BEC, Ransomware, and Supply Chain Attacks

The Evolving Triad of Cyber Threats: BEC, Ransomware, and Supply Chain Attacks

| | cyberattack, cybercrime, Cybersecurity
Historically, cybercriminals have been happy to stick with proven tactics for as long as possible. After all, it's a business to them—if it ain't broke, why fix it? However, this is not ...
Cimcor Blog
Load more