Zimbra Patches Exploited Zero-Day Vulnerability
Zimbra this week released patches for a cross-site scripting (XSS) vulnerability in Collaboration Suite that has been exploited in malicious attacks. Tracked as CVE-2023-37580, the…
Category: SecurityWeek
CoinsPaid Blames North Korean Hackers for $37 Million Cryptocurrency Heist
Cryptocurrency payments firm CoinsPaid says North Korean hacking group Lazarus is likely responsible for the theft of approximatively $37 million in cryptocurrency. Based in Estonia,…
Weintek Weincloud Vulnerabilities Allowed Manipulation, Damaging of ICS Devices
Several vulnerabilities discovered by a researcher from industrial cybersecurity firm TXOne Networks in a Weintek product could have been exploited to manipulate and damage industrial…
US Senator Wyden Accuses Microsoft of ‘Cybersecurity Negligence’
Oregon senator Ron Wyden wants the U.S. government to hold Microsoft responsible for what he describes as “negligent cybersecurity practices” that enabled “a successful Chinese…
Protect AI Raises $35 Million to Protect Machine Learning and AI Assets
Machine Learning and Artificial Intelligence security firm Protect AI has raised $35 million in a Series A funding round led by Evolution Equity Partners and…
The Good, the Bad and the Ugly of Generative AI
As humans, we’re naturally wired to be negative. It’s a widely studied concept referred to as negativity bias, and it’s not entirely a bad thing.…
TSA Updates Pipeline Cybersecurity Requirements
The Transportation Security Administration (TSA) announced on Wednesday an update to its cybersecurity requirements for oil and natural gas pipeline owners and operators. The security…
Head of US Cybersecurity Agency Sees Progress on Election Security, With More Work Needed for 2024
Efforts to protect the nation’s election systems have grown exponentially since the 2016 presidential election, but more is needed to defend the integrity and resiliency…
European Threat Intelligence Firm QuoIntelligence Raises $5.5 Million in Seed Funding
Threat intelligence services provider QuoIntelligence today announced that it has raised €5 million ($5.5 million) in seed funding. The investment round was led by venture…
Multiple Security Issues Identified in Peloton Fitness Equipment
Internet-connected Peloton fitness equipment is plagued with numerous security issues that could allow attackers to obtain device information or deploy malware, cybersecurity firm Check Point…
CardioComm Takes Systems Offline Following Cyberattack
Canadian heart monitoring and medical electrocardiogram solutions provider CardioComm this week announced it has taken systems offline following a cyberattack. The attack, the company says,…
Two New Vulnerabilities Could affect 40% of Ubuntu Cloud Workloads
Researchers at cloud security firm Wiz have discovered two easily exploitable privilege escalation vulnerabilities in Ubuntu’s OverlayFS module affecting 40% of Ubuntu cloud workloads. OverlayFS…