In Other News: US Hacking China, Unfixed PowerShell Gallery Flaws, Free Train Tickets
SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under...
Read more →Category: SecurityWeek
Jenkins Patches High-Severity Vulnerabilities in Multiple Plugins
Open source software development automation server Jenkins this week announced patches for high- and medium-severity vulnerabilities impacting multiple plugins. The...
Read more →
Stealthy ‘LabRat’ Campaign Abuses TryCloudflare to Hide Infrastructure
A newly discovered financially motivated operation is relying on signature-based tools and stealthy cross-platform malware to remain undetected, and abuses...
Read more →
Companies Respond to ‘Downfall’ Intel CPU Vulnerability
Several major companies have published security advisories in response to the recently disclosed Intel CPU vulnerability named Downfall. Discovered by...
Read more →
Israel, US to Invest $4 Million in Critical Infrastructure Security Projects
Government agencies in Israel and the US have announced plans to invest $3.85 million in projects meant to improve the...
Read more →
Federally Insured Credit Unions Required to Report Cyber Incidents Within 3 Days
The National Credit Union Administration (NCUA) is updating cyberattack reporting rules, requiring all federally insured credit unions to report incidents...
Read more →
ProjectDiscovery Lands $25M Investment for Cloud Security Tech
San Francisco cloud security startup ProjectDiscovery has banked $25 million in early-stage financing as investors continue to place bets on...
Read more →
Google Brings AI Magic to Fuzz Testing With Eye-Opening Results
Google has sprinkled the magic of artificial intelligence into its open source fuzz testing infrastructure and the results suggest LLM...
Read more →
Malicious QR Codes Used in Phishing Attack Targeting US Energy Company
A widespread phishing campaign ongoing since May 2023 has been targeting organizations in various industries, including a major US energy...
Read more →
Rapid7 Says ROI for Ransomware Remains High; Zero-Day Usage Expands
The Rapid7 mid-year review of the threat landscape is not reassuring. Ransomware remains high, basic security defenses are not being...
Read more →
Cisco Patches High-Severity Vulnerabilities in Enterprise Applications
Cisco on Wednesday announced security updates for several enterprise applications to patch high-severity vulnerabilities leading to privilege escalation, SQL injection,...
Read more →
Thousands of Systems Turned Into Proxy Exit Nodes via Malware
Threat actors are leveraging access to malware-infected Windows and macOS systems to deploy a proxy application, AT&T’s Alien Labs reports....
Read more →