Cisco Plugs Gaping Hole in Emergency Responder Software
A remotely exploitable vulnerability in the Cisco Emergency Responder software could allow an unauthenticated attacker to log in to an affected device using the root…
Category: SecurityWeek
GitHub Improves Secret Scanning Feature With Expanded Token Validity Checks
Software development giant GitHub on Wednesday announced an enhancement to its secret scanning feature, now allowing users to check the validity of exposed credentials for…
BlackBerry to Split Cybersecurity, IoT Business Units
Canadian tech giant BlackBerry has announced plans to split its cybersecurity and IOT (Internet of Things) businesses and pursue an initial public offering for the…
Red Cross Publishes Rules of Engagement for Hacktivists During War
The International Committee of the Red Cross (ICRC) is urging hacking groups involved in conflict during war to abide by a set of rules meant…
Addressing the People Problem in Cybersecurity
October marks the 20th anniversary of Cybersecurity Awareness Month – an annual campaign led by the Cybersecurity and Infrastructure Agency (CISA) in partnership with the…
Linux Foundation Announces OpenPubkey Open Source Cryptographic Protocol
The Linux Foundation on Wednesday announced OpenPubkey, an open source cryptographic protocol that should help boost supply chain security. OpenPubkey was developed as part of…
CISA, NSA Publish Guidance on IAM Challenges for Developers, Vendors
The US cybersecurity agency CISA and the NSA have published new guidance on implementing identity and access management (IAM), focusing on the challenges that developers…
Qakbot Hackers Continue to Push Malware After Takedown Attempt
The cybercriminals behind the Qakbot malware have been observed distributing ransomware and backdoors following the recent infrastructure takedown attempt by law enforcement, according to Cisco’s…
Hundreds Download Malicious NPM Package Capable of Delivering Rootkit
A recently observed malicious campaign has relied on typosquatting to trick users into downloading a malicious NPM package that would infect their systems with a…
Sony Confirms Data Stolen in Two Recent Hacker Attacks
Sony this week shared information on the impact of two recent unrelated hacker attacks believed to have been carried out by a couple of known…
Apple Warns of Newly Exploited iOS 17 Kernel Zero-Day
Apple’s cat-and-mouse struggles with zero-day exploits on its flagship iOS platform is showing no signs of slowing down. The Cupertino device maker on Wednesday rushed…
Atlassian Ships Urgent Patch for Exploited Confluence Zero-Day
Business software maker Atlassian on Wednesday called immediate attention to a major security defect in its Confluence Data Center and Server products and warned that…