Mass Exploitation of ‘Citrix Bleed’ Vulnerability Underway
Thousands of Citrix NetScaler ADC and Gateway instances remain unpatched against a critical vulnerability that is being widely exploited, security researchers warn. The flaw, which…
Category: SecurityWeek
Chrome 119 Patches 15 Vulnerabilities
Google on Tuesday announced the release of Chrome 119 to the stable channel with patches for 15 vulnerabilities, including 13 reported by external researchers. Three…
MITRE Releases ATT&CK v14 With Improvements to Detections, ICS, Mobile
MITRE on Tuesday announced the release of version 14 of ATT&CK, the widely used knowledge base of adversary tactics and techniques. ATT&CK v14 brings improvements…
DPI: Still Effective for the Modern SOC?
There has been an ongoing debate in the security industry over the last decade or so about whether or not deep packet inspection (DPI) is…
Malicious NuGet Packages Abuse MSBuild Integrations for Code Execution
As part of an ongoing and coordinated campaign, threat actors have been continuously publishing malicious NuGet packages with hidden code execution capabilities, threat detection firm…
SIEM and Log Management Provider Graylog Raises $39 Million
Security information and event management (SIEM) and log management provider Graylog on Tuesday announced that it has raised $39 million in funding, which brings the…
Cutting-Edge AI Raises Fears About Risks to Humanity. Are Tech and Political Leaders Doing Enough?
Chatbots like ChatGPT wowed the world with their ability to write speeches, plan vacations or hold a conversation as good as or arguably even better…
Former British Cyberespionage Agency Employee Gets Life in Prison for Stabbing an American Spy
A former British cyberespionage employee who had become angry and resentful toward his agency’s work was sentenced Monday to life in prison for attempted murder…
Cybersecurity Leaders Spooked by SEC Lawsuit Against SolarWinds CISO
In a development sparking chatter and debate through the cybersecurity world, the lawsuit filed by the the U.S. Securities and Exchange Commission (SEC) against the…
Palo Alto Networks to Acquire Cloud Security Start-Up Dig Security
Palo Alto Networks (NASDAQ: PANW) announced on Tuesday that it has entered into a definitive agreement to acquire Dig Security, a Tel Aviv, Israel-based provider…
Atlassian CISO Urges Quick Action to Protect Confluence Instances From Critical Vulnerability
Enterprise software maker Atlassian on Monday urged all Confluence Data Center and Server customers to patch their instances against a critical-severity vulnerability that can be…
IAM Credentials in Public GitHub Repositories Harvested in Minutes
A threat actor is harvesting identity and access management (IAM) credentials from public GitHub repositories within five minutes of exposure, cybersecurity firm Palo Alto Networks…