Three critical application security flaws scanners can’t detect
In today’s interconnected world, web application security is crucial for business continuity. Yet, web application attacks are now involved in 25% of all breaches. While…
Month: February 2024
Over 13,000 Ivanti gateways vulnerable to actively exploited bugs
Thousands of Ivanti Connect Secure and Policy Secure endpoints remain vulnerable to multiple security issues first disclosed more than a month ago and which the…
Telstra reins in IT operations to get cost-out target back on track – Telco/ISP
Telstra will “significantly” reduce IT operations spending and the number of “legacy” IT and networks in its environment to try to meet a cost-out target…
Zeus, IcedID malware gangs leader pleads guilty, faces 40 years in prison
Ukrainian national Vyacheslav Igorevich Penchukov, one of the heads of the notorious JabberZeus cybercrime gang, has pleaded guilty to charges related to his leadership roles…
Elon Musk’s X Gave Check Marks to Terrorist Group Leaders, Report Says
A watchdog group’s investigation found that terrorist group Hezbollah and other US-sanctioned entities have accounts with paid check marks on X, the Elon Musk–owned social…
DNS resolvers inherited specification bug – Security
A protocol error in the venerable Domain Name System Security Extensions (DNSSEC) specification, dubbed Key Trap, exposes DNS resolvers worldwide to denial-of-service attacks. While CVE-2023-50387…
RansomHouse gang automates VMware ESXi attacks with new MrAgent tool
The RansomHouse ransomware operation has created a new tool named ‘MrAgent’ that automates the deployment of its data encrypter across multiple VMware ESXi hypervisors. RansomHouse is a…
RBA launches core modernisation design phase – Strategy
The Reserve Bank of Australia is looking for designs that will form the basis of its core infrastructure modernisation (CIM) program. The RBA this week…
US Gov dismantled the Moobot botnet controlled by Russia-linked APT28
US Gov dismantled the Moobot botnet controlled by Russia-linked APT28 Pierluigi Paganini February 15, 2024 The US authorities dismantled the Moobot botnet, which was controlled…
What Is It & How to Remediate
HackerOne’s 7th Annual Hacker Powered Security Report states that improper access control is the second most common vulnerability reported in a bug bounty and number four…
Microsoft says it fixed a Windows Metadata server issue that’s still broken
Microsoft claims to have fixed Windows Metadata connection issues which continue to plague customers, causing problems for users trying to manage their printers and other…
Cyber Resilience – Beyond Cyber Security
In a world where 100% security is not possible, we need to be resilient as we strive to be secure. By James Gorman, Hard2hack.com The…