Exploitation of Recent Citrix ShareFile RCE Vulnerability Begins
Threat intelligence company Greynoise says it has observed the first attempts to exploit a recent critical remote code execution (RCE) vulnerability in Citrix ShareFile. A…
Category: SecurityWeek
Industry Reactions to New SEC Cyber Incident Disclosure Rules: Feedback Friday
The US Securities and Exchange Commission (SEC) has adopted new cybersecurity incident disclosure rules for public companies, but there is concern that the new rules…
Zimbra Patches Exploited Zero-Day Vulnerability
Zimbra this week released patches for a cross-site scripting (XSS) vulnerability in Collaboration Suite that has been exploited in malicious attacks. Tracked as CVE-2023-37580, the…
CoinsPaid Blames North Korean Hackers for $37 Million Cryptocurrency Heist
Cryptocurrency payments firm CoinsPaid says North Korean hacking group Lazarus is likely responsible for the theft of approximatively $37 million in cryptocurrency. Based in Estonia,…
Weintek Weincloud Vulnerabilities Allowed Manipulation, Damaging of ICS Devices
Several vulnerabilities discovered by a researcher from industrial cybersecurity firm TXOne Networks in a Weintek product could have been exploited to manipulate and damage industrial…
US Senator Wyden Accuses Microsoft of ‘Cybersecurity Negligence’
Oregon senator Ron Wyden wants the U.S. government to hold Microsoft responsible for what he describes as “negligent cybersecurity practices” that enabled “a successful Chinese…
Protect AI Raises $35 Million to Protect Machine Learning and AI Assets
Machine Learning and Artificial Intelligence security firm Protect AI has raised $35 million in a Series A funding round led by Evolution Equity Partners and…
The Good, the Bad and the Ugly of Generative AI
As humans, we’re naturally wired to be negative. It’s a widely studied concept referred to as negativity bias, and it’s not entirely a bad thing.…
TSA Updates Pipeline Cybersecurity Requirements
The Transportation Security Administration (TSA) announced on Wednesday an update to its cybersecurity requirements for oil and natural gas pipeline owners and operators. The security…
Head of US Cybersecurity Agency Sees Progress on Election Security, With More Work Needed for 2024
Efforts to protect the nation’s election systems have grown exponentially since the 2016 presidential election, but more is needed to defend the integrity and resiliency…
European Threat Intelligence Firm QuoIntelligence Raises $5.5 Million in Seed Funding
Threat intelligence services provider QuoIntelligence today announced that it has raised €5 million ($5.5 million) in seed funding. The investment round was led by venture…
Multiple Security Issues Identified in Peloton Fitness Equipment
Internet-connected Peloton fitness equipment is plagued with numerous security issues that could allow attackers to obtain device information or deploy malware, cybersecurity firm Check Point…