New Malware Attacking MacOS Users
Researchers have uncovered a new Trojan-attacking macOS user that is associated with the BlueNoroff APT group and their ongoing RustBucket campaign. As a subgroup of Lazarus, BlueNoroff possesses…
Month: December 2023
Product showcase: Apiiro unifies AppSec and SSCS in a deep ASPM
With the rapidly evolving threat landscape and complexity of interconnected applications, identifying real, business-critical application risks is more challenging than ever. Application security teams need…
Atlassian patches critical RCE flaws across multiple products
Atlassian has published security advisories for four critical remote code execution (RCE) vulnerabilities impacting Confluence, Jira, and Bitbucket servers, along with a companion app for macOS.…
ICANN Launches Service to Help With WHOIS Lookups – Krebs on Security
More than five years after domain name registrars started redacting personal data from all public domain registration records, the non-profit organization overseeing the domain industry…
Fortifying the Human Firewall: Six-Steps For An Effective Security Awareness Program
[By Perry Carpenter, chief evangelist and security officer at KnowBe4] The threat landscape is evolving with new attack vectors and cyber threats surfacing almost daily.…
Panther Labs introduces Security Data Lake Search and Splunk Integration capabilities
Panther Labs launched its new Security Data Lake Search and Splunk Integration capabilities. These offerings mark a critical leap forward in managing security risks in…
Hackers Exploit Adobe ColdFusion Flaw to Hack Government Servers
A recent cybersecurity advisory from CISA has brought to light a formidable cyber onslaught, revealing an alarming breach where faceless hackers capitalized on a critical…
Cyber Threat emerges out of Apple iOS 17 new NameDrop Feature
Apple’s recent update to iOS 17 introduced a new feature called NameDrop, enhancing data transfer capabilities for iPhone and Apple Watch users. This update allows…
Cyber and Physical Security Are Different, But They Must Work Together
[By Blake Benson, Senior Director – Industrial Cybersecurity Practice at ABS Group] America’s critical infrastructure faces more diverse threats than ever before. The rapid digitalization…
Atlassian fixes four critical RCE vulnerabilities, patch quickly!
Atlassian has released security updates for four critical vulnerabilities (CVE-2023-1471, CVE-2023-22522, CVE-2023-22524, CVE-2023-22523) in its various offerings that could be exploited to execute arbitrary code.…
Windows 10 gets its own extended security updates program
The day that Windows 10 machines will get their last security updates is set for October 14, 2025. So if you want to stay secure,…
Living Security Unify Go improves human risk management
Living Security announced Unify Go, a free tool for Living Security training customers that surfaces security vulnerabilities across the workforce by aggregating and correlating employee…