cybersecurity news – Page 130

From The Hacker News – Considerations for Operational Technology Cybersecurity

Operational Technology (OT) refers to the hardware and software used to change, monitor, or control the enterprise's physical devices, processes, and events. Unlike traditional Information Technology (IT) systems, OT systems directly impact the physical world. This unique characteristic of OT brings additional cybersecurity considerations not typically present in conventional IT security

Samir K April 4, 2024

News

From The Hacker News – New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks

New research has found that the CONTINUATION frame in the HTTP/2 protocol can be exploited to conduct denial-of-service (DoS) attacks. The technique has been codenamed HTTP/2 CONTINUATION Flood by security researcher Bartek Nowotarski, who reported the issue to the CERT Coordination Center (CERT/CC) on January 25, 2024. "Many HTTP/2 implementations do not properly limit or sanitize the

Samir K April 4, 2024

News

From Security Week – New HTTP/2 DoS Attack Potentially More Severe Than Record-Breaking Rapid Reset

[[{"value":"New HTTP/2 DoS method named Continuation Flood can pose a greater risk than Rapid Reset, which has been used for record-breaking attacks. The post New HTTP/2 DoS Attack Potentially More…

Samir K April 4, 2024

News

From Cyber Security News – Hackers Claiming of Working Windows 0-Day LPE Exploit

[[{"value":"A new claim has surfaced on the internet regarding a zero-day exploit that targets the Windows operating system. This exploit, which enables local privilege escalation (LPE), could allow attackers to…

Samir K April 4, 2024

News

From Security Week – Microsoft’s Security Chickens Have Come Home to Roost

[[{"value":"News analysis: SecurityWeek editor-at-large Ryan Naraine reads the CSRB report on China's audacious Microsoft’s Exchange Online hack and isn't at all surprised by the findings. The post Microsoft’s Security Chickens…

Samir K April 4, 2024

News

From Security Week – Zoom Paid Out $10 Million via Bug Bounty Program Since 2019

[[{"value":"Video conferencing giant Zoom has paid out $10 million through its bug bounty program since it was launched in 2019. The post Zoom Paid Out $10 Million via Bug Bounty…

Samir K April 4, 2024

News

From Cyber Security News – WordPress Plugin SQl Injection Exposes 1,000,000 Sites to Cyber Attack

[[{"value":"Over a million WordPress websites have been at risk due to a critical SQL Injection vulnerability discovered in the popular LayerSlider plugin. The flaw, identified as CVE-2024-2879, could allow unauthenticated…

Samir K April 4, 2024

News

From The Hacker News – Ivanti Rushes Patches for 4 New Flaw in Connect Secure and Policy Secure

Ivanti has released security updates to address four security flaws impacting Connect Secure and Policy Secure Gateways that could result in code execution and denial-of-service (DoS). The list of flaws is as follows - CVE-2024-21894 (CVSS score: 8.2) - A heap overflow vulnerability in the IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an

Samir K April 4, 2024

News

From Cyber Security News – Feds Stepping to Patch Years-old SS7 Vulnerability in Phone Networks

[[{"value":"The FCC (Federal Communications Commission) seeks public input regarding measures by communications providers to address vulnerabilities in SS7 and Diameter protocols that enable tracking consumers’ mobile device locations without consent.…

Samir K April 4, 2024

News

From Dark Reading – Singapore Sets High Bar in Cybersecurity Preparedness

While Singaporean organizations have adopted the majority of their government's cybersecurity recommendations, they aren't immune: More than eight in 10 experienced a cybersecurity incident over the course of the year. Read…

Samir K April 4, 2024

News

From Dark Reading – LockBit Ransomware Takedown Strikes Deep Into Brand’s Viability

Nearly three months after Operation Cronos, it's clear the gang is not bouncing back from the innovative law-enforcement action. RaaS operators are on notice, and businesses should pay attention. Read More

Samir K April 3, 2024

News

From Dark Reading – More Than Half of Organizations Plan to Adopt AI Solutions in Coming Year, Reports Cloud Security Alliance and Google Cloud

Samir K April 3, 2024

From Dark Reading – CyberRatings.org Announces Test Results for Cloud Network Firewall

News

From The Hacker News – Considerations for Operational Technology Cybersecurity

From The Hacker News – New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks

From Security Week – New HTTP/2 DoS Attack Potentially More Severe Than Record-Breaking Rapid Reset

From Cyber Security News – Hackers Claiming of Working Windows 0-Day LPE Exploit

From Security Week – Microsoft’s Security Chickens Have Come Home to Roost

From Security Week – Zoom Paid Out $10 Million via Bug Bounty Program Since 2019

From Cyber Security News – WordPress Plugin SQl Injection Exposes 1,000,000 Sites to Cyber Attack

From The Hacker News – Ivanti Rushes Patches for 4 New Flaw in Connect Secure and Policy Secure

From Cyber Security News – Feds Stepping to Patch Years-old SS7 Vulnerability in Phone Networks

From Dark Reading – Singapore Sets High Bar in Cybersecurity Preparedness

From Dark Reading – LockBit Ransomware Takedown Strikes Deep Into Brand’s Viability

From Dark Reading – More Than Half of Organizations Plan to Adopt AI Solutions in Coming Year, Reports Cloud Security Alliance and Google Cloud

From Dark Reading – CyberRatings.org Announces Test Results for Cloud Network Firewall

From Dark Reading – TAG Report Reveals Endpoint Backup Is Essential to Improving Data Resiliency

From Dark Reading – TruCentive Enhances Privacy With HIPAA Compliant Personal Information De-identification