CISA Releases Guidance on Adopting DDoS Mitigations
The US Cybersecurity and Infrastructure Security Agency (CISA) has released new guidance to help federal agencies adopt distributed denial-of-service (DDoS) mitigations. DDoS attacks are a…
Category: SecurityWeek
Cisco Patches Critical Vulnerability in BroadWorks Platform
Cisco on Wednesday announced patches for a critical-severity vulnerability in the BroadWorks Application Delivery Platform and BroadWorks Xtended Services Platform. Tracked as CVE-2023-20238, the vulnerability…
Tenable to Acquire Cloud Security Firm Ermetic for $240 Million
Exposure management solutions provider Tenable announced on Thursday that it has entered into a definitive agreement to acquire Israeli cloud security startup Ermetic for roughly…
IBM Discloses Data Breach Impacting Janssen Healthcare Platform
IBM is notifying customers and users of a Johnson & Johnson healthcare platform that their personal information may have been compromised as a result of…
Cisco Finds 8 Vulnerabilities in OAS Industrial IoT Data Platform
Multiple vulnerabilities in the Open Automation Software (OAS) Platform can be exploited to bypass authentication, leak sensitive information, and overwrite files, Cisco warns. Enabling communication…
Crash Dump Error: How a Chinese Espionage Group Exploited Microsoft’s Errors
Microsoft has published a post-mortem detailing multiple errors that led to Chinese cyberspies hacking into US government emails, blaming the embarrassing incident on a crash…
Cash-Strapped IronNet Faces Bankruptcy Options
It appears to be the end of the road for IronNet, the once-promising network security play founded by former NSA director General Keith Alexander. The…
Investors Betting Big on Upwind for CNAPP Tech
An early-stage Israeli startup called Upwind has raised a hefty $50 million in new funding to speed up work on technology to help organizations secure…
Dozens of Unpatched Flaws Expose Security Cameras Made by Defunct Company Zavio
IoT firmware analysis platform provider BugProve has disclosed the details of dozens of vulnerabilities discovered by its researchers in security cameras made by Zavio. Zavio…
Webinar Tomorrow: Unpacking the Secure Supply Chain Consumption Framework (S2C2F)
Microsoft and Finite State have teamed up for a webinar that introduces a new frontier in software supply chain security – the Secure Supply Chain Consumption Framework (S2C2F), an OpenSSF…
Thousands of Popular Websites Leaking Secrets
Code security firm Truffle Security warns that thousands of the domains in the Alexa top 1 million websites list are leaking secrets, including credentials. According…
Password-Stealing Chrome Extension Demonstrates New Vulnerabilities
A group of academic researchers has built a proof-of-concept Chrome extension that can steal passwords from text input fields and published it to the Chrome…