80% of CISA Staff at Risk of Furlough as Government Shutdown Looms
Roughly 80% of the staff at US cybersecurity agency CISA may be sent home at the end of the week...
Read more →Category: SecurityWeek
Russian Zero-Day Acquisition Firm Offers $20 Million for Android, iOS Exploits
Operation Zero, a Russian zero-day acquisition firm, announced this week that it is offering up to $20 million for full...
Read more →
Cisco Warns of IOS Software Zero-Day Exploitation Attempts
Cisco this week announced patches for multiple vulnerabilities impacting its products, including a medium-severity flaw in IOS and IOS XE...
Read more →
Sysdig Launches Realtime Attack Graph for Cloud Environments
Cloud security firm Sysdig has enhanced the cloud detection and response capabilities of its CNAPP offering with a realtime cloud...
Read more →
Google Rushes to Patch New Zero-Day Exploited by Spyware Vendor
Google has rushed to patch another Chrome zero-day vulnerability exploited by a commercial spyware vendor. The internet giant announced on...
Read more →
Chinese Gov Hackers Caught Hiding in Cisco Router Firmware
A Chinese state-sponsored APT called BlackTech has been caught hacking into network edge devices and using firmware implants to stay...
Read more →
Google Open Sources Binary File Comparison Tool BinDiff
Google has announced that BinDiff, a popular file comparison tool maintained by the company for more than a decade, is...
Read more →
CISA Unveils New HBOM Framework to Track Hardware Components
The US government’s cybersecurity agency CISA has unveiled a new Hardware Bill of Materials (HBOM) framework offering a consistent, repeatable...
Read more →
Firefox 118 Patches High-Severity Vulnerabilities
Mozilla on Tuesday announced security updates for both Firefox and Thunderbird, addressing a total of nine vulnerabilities in its products,...
Read more →
Gem Security Lands $23 Million Series A Funding
Gem Security, an Israeli startup with operations in New York, has attracted $23 million in venture capital investment to build...
Read more →
Misconfigured TeslaMate Instances Put Tesla Car Owners at Risk
Misconfigured TeslaMate instances can leak tons of data on the internet, potentially exposing Tesla cars and their drivers to malicious...
Read more →
Stolen GitHub Credentials Used to Push Fake Dependabot Commits
Threat actors have been observed pushing fake Dependabot contributions to hundreds of GitHub repositories in an effort to inject malicious...
Read more →