Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks
A high-severity remote code execution (RCE) vulnerability in Apache NiFi, for which an exploitation tool already exists, can lead to...
Read more →Category: SecurityWeek
A Key US Government Surveillance Tool Should Face New Limits, a Divided Privacy Oversight Board Says
Federal spy agencies should be required to get court approval before reviewing the communications of U.S. citizens collected through a...
Read more →
Cloudflare Users Exposed to Attacks Launched From Within Cloudflare: Researchers
Gaps in Cloudflare’s security controls allow users to bypass customer-configured protection mechanisms and target other users from the platform itself,...
Read more →
FBI Warns Organizations of Dual Ransomware, Wiper Attacks
The FBI is warning organizations of new trends in ransomware attacks, where victims are targeted by multiple file-encrypting malware families...
Read more →
US State Department Says 60,000 Emails Taken in Alleged Chinese Hack
The US State Department said Thursday that hackers took around 60,000 emails, although none of them classified, in an attack...
Read more →
Progress Software Patches Critical Pre-Auth Flaws in WS_FTP Server Product
Enterprise technology vendor Progress Software on Thursday shipped patches for critical-level security flaws in its WS_FTP file transfer software, warning...
Read more →
Moving From Qualitative to Quantitative Cyber Risk Modeling
Reporting on cyber risk is a table stakes initiative for information security leaders. After speaking with key stakeholders within organizations,...
Read more →
Lumu Raises $30 Million for Threat Detection and Response Platform
Lumu, a cybersecurity firm that helps organizations identify and isolate potential compromises, on Wednesday announced that it has raised $30...
Read more →
Verisoul Raises $3.25 Million in Seed Funding to Detect Fake Users
Verisoul, an Austin, Texas-based company that has developed a SaaS platform for detecting and blocking fake users, announced on Thursday...
Read more →
80% of CISA Staff at Risk of Furlough as Government Shutdown Looms
Roughly 80% of the staff at US cybersecurity agency CISA may be sent home at the end of the week...
Read more →
Russian Zero-Day Acquisition Firm Offers $20 Million for Android, iOS Exploits
Operation Zero, a Russian zero-day acquisition firm, announced this week that it is offering up to $20 million for full...
Read more →
Cisco Warns of IOS Software Zero-Day Exploitation Attempts
Cisco this week announced patches for multiple vulnerabilities impacting its products, including a medium-severity flaw in IOS and IOS XE...
Read more →