Security News
Alert: CISA Warns of Active ‘Roundcube’ Email Attacks – Patch Now
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a medium-severity security flaw impacting Roundcube email software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The issue, tracked as CVE-2023-43770 (CVSS score: 6.1), relates to a cross-site scripting (XSS) flaw that stems from the handling of
Bank of America warns customers of data breach after vendor hack
Bank of America is warning customers of a data breach exposing their personal information after one of its service providers was hacked last year. […]
Read MoreFCC orders telecom carriers to report PII data breaches within 30 days
Starting March 13th, telecommunications companies must report data breaches impacting customers’ personally identifiable information within 30 days, as required by FCC’s updated data breach reporting requirements. […]
Read MoreUS Govt. Offers Millions in Bounties to Find Hive Ransomware Actors
The move by the State Department complements a Hive infrastructure takedown by international law enforcement.
Read MoreBugcrowd Secures $102M in Strategic Growth Funding to Scale AI-Powered Crowdsourced Security Platform
Original Source: Dark Reading PRESS RELEASE SAN FRANCISCO, February 12, 2024 – Bugcrowd has secured $102 million in strategic growth financing to scale its AI-powered crowdsourced security platform offerings globally. Led by General Catalyst, with participation from longtime existing investors Rally Ventures and Costanoa Ventures, this funding round underscores investor confidence in the company’s leadership position…
Read MoreOngoing Azure Compromises Target Senior Execs, Microsoft 365 Apps
Attackers are breaching cloud environments and playing games with corporate Microsoft 365 apps, and further victims are likely to come.
Read MoreNew Fortinet RCE bug is actively exploited, CISA confirms
CISA confirmed today that attackers are actively exploiting a critical remote code execution (RCE) bug patched by Fortinet on Thursday. […]
Read MoreFresh ‘Mispadu Stealer’ Variant Emerges
Latest iteration of the malware appears aimed at targets in Mexico.
Read MoreDeepfake-Generating Apps Explode, Allowing Multimillion-Dollar Corporate Heists
Deepfakes are fast becoming more realistic, and access to them more democratic, enabling even ordinary attackers to enact major fraud. What’s the most effective way to fight back?
Read MoreUS announces visa ban on those linked to commercial spyware
Secretary of State Antony J. Blinken announced today a new visa restriction policy that will enable the Department of State to ban those linked to commercial spyware from entering the United States. […]
Read More