Addressing the People Problem in Cybersecurity
October marks the 20th anniversary of Cybersecurity Awareness Month – an annual campaign led by the Cybersecurity and Infrastructure Agency (CISA) in partnership with the…
Category: SecurityWeek
Linux Foundation Announces OpenPubkey Open Source Cryptographic Protocol
The Linux Foundation on Wednesday announced OpenPubkey, an open source cryptographic protocol that should help boost supply chain security. OpenPubkey was developed as part of…
CISA, NSA Publish Guidance on IAM Challenges for Developers, Vendors
The US cybersecurity agency CISA and the NSA have published new guidance on implementing identity and access management (IAM), focusing on the challenges that developers…
Qakbot Hackers Continue to Push Malware After Takedown Attempt
The cybercriminals behind the Qakbot malware have been observed distributing ransomware and backdoors following the recent infrastructure takedown attempt by law enforcement, according to Cisco’s…
Hundreds Download Malicious NPM Package Capable of Delivering Rootkit
A recently observed malicious campaign has relied on typosquatting to trick users into downloading a malicious NPM package that would infect their systems with a…
Sony Confirms Data Stolen in Two Recent Hacker Attacks
Sony this week shared information on the impact of two recent unrelated hacker attacks believed to have been carried out by a couple of known…
Apple Warns of Newly Exploited iOS 17 Kernel Zero-Day
Apple’s cat-and-mouse struggles with zero-day exploits on its flagship iOS platform is showing no signs of slowing down. The Cupertino device maker on Wednesday rushed…
Atlassian Ships Urgent Patch for Exploited Confluence Zero-Day
Business software maker Atlassian on Wednesday called immediate attention to a major security defect in its Confluence Data Center and Server products and warned that…
Mozilla Warns of Fake Thunderbird Downloads Delivering Ransomware
Mozilla issued a warning this week over malicious websites offering Thunderbird downloads after a ransomware group was caught using this technique to deliver malware. Cybersecurity…
New Supermicro BMC Vulnerabilities Could Expose Many Servers to Remote Attacks
Server and computer hardware giant Supermicro has released updates to address multiple vulnerabilities in Baseboard Management Controllers (BMC) IPMI firmware. The issues (tracked as CVE-2023-40284…
Lyca Mobile Services Significantly Disrupted by Cyberattack
International mobile virtual network operator Lyca Mobile has confirmed that its services were significantly disrupted in recent days due to a cyberattack that may have…
Severe Glibc Privilege Escalation Vulnerability Impacts Major Linux Distributions
Major Linux distributions such as Debian, Fedora, and Ubuntu are affected by a GNU C Library (glibc) vulnerability that could provide an attacker with full…