CISA emergency directive: Mitigate Ivanti zero-days immediately
CISA issued this year’s first emergency directive ordering Federal Civilian Executive Branch (FCEB) agencies to immediately mitigate two Ivanti Connect Secure and Ivanti Policy Secure…
Latest Cybersecurity News — Page 4496
View all →
The Devastating PixieFail Flaws in UEFI – Is Your Device at Risk?
The recent discovery of “PixieFail,” a set of nine vulnerabilities in Tianocore’s EDK II IPv6 network stack, has raised significant concerns in the cybersecurity community.…
MPs flag similarities between HMRC’s treatment of Loan Charge contractors and Post Office scandal
The treatment of tens of thousands of IT contractors who are being pursued by HM Revenue & Customs (HMRC) for life-changing amounts of unpaid tax…
FTC bans one more data broker from selling your location info
The U.S. Federal Trade Commission (FTC) continues to target data brokers, this time in a settlement with InMarket Media, which bans the company from selling…
Iran’s Mint Sandstorm Hits Universities with Hamas-Israel Phishing Scam
Microsoft has warned of a sophisticated phishing scam, accompanied by the use of a custom backdoor called MediaPI, orchestrated by the Iranian Mint Sandstorm APT.…
Cloud Security Is Best Achieved With The Right Preparation
Cloud migration is one of the hottest industry topics right now. Many organizations are rapidly making the transformation to the cloud, and industry professionals are…
Ivanti EPMM and MobileIron Core vulnerability is actively exploited, CISA confirms (CVE-2023-35082)
A previously patched critical vulnerability (CVE-2023-35082) affecting Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core is being actively exploited, the Cybersecurity and Infrastructure Security Agency…
ICO prompts confusion over police cloud legality
The Information Commissioner Office (ICO) has sown confusion over the legality of police forces using US-based cloud providers to process sensitive law enforcement data. Computer…
US CISA warns of actively exploited Ivanti EPMM flaw CVE-2023-35082
U.S. CISA warns of actively exploited Ivanti EPMM flaw CVE-2023-35082 Pierluigi Paganini January 19, 2024 U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti EPMM…
Chinese hackers exploit VMware bug as zero-day for two years
A Chinese hacking group has been exploiting a critical vCenter Server vulnerability (CVE-2023-34048) as a zero-day since at least late 2021. The flaw was patched…
Hackers Abuse TeamViewer to Launch Ransomware Attacks
Hackers exploit TeamViewer because it gives remote access to systems and allows threat actors to control them. This can be used for several illicit purposes…
Canadian Man Stuck in Triangle of E-Commerce Fraud – Krebs on Security
A Canadian man who says he’s been falsely charged with orchestrating a complex e-commerce scam is seeking to clear his name. His case appears to…