Blog
White House Official Says New Global Initiatives Will Include Information Sharing, Ransom Payment Tracking
The White House aims to establish a global norm against paying ransoms to cybercriminals and may seek a UN process or an international partnership to achieve this objective.
Act Now: VMware Releases Patch for Critical vCenter Server RCE Vulnerability
VMware has released security updates to address a critical flaw in the vCenter Server that could result in remote code execution on affected systems. The issue, tracked as CVE-2023-34048 (CVSS score: 9.8), has been described as an out-of-bounds write vulnerability in...
Censys Lands New Cash to Grow Its Threat-Detecting Cybersecurity Service
Censys aims to offer customers insights into the historical and real-time status of their data, enabling them to identify how long their data has been vulnerable and what changes have made it exploitable.
How Passkeys are Changing the Face of Authentication
Passkeys are digital credentials that can only be used by authorized users and require biometric or unique factor authentication. Tech giants like Apple, Google, and Microsoft have embraced passkeys in their products.
Malvertising Campaign Targets Brazil’s PIX Payment System with GoPIX Malware
The popularity of Brazil's PIX instant payment system has made it a lucrative target for threat actors looking to generate illicit profits using a new malware called GoPIX. Kaspersky, which has been tracking the active campaign since December 2022, said the attacks...
Samsung Galaxy S23 Hacked Twice on First Day of Pwn2Own 2023 in Toronto
Researchers also targeted other devices such as smartphones, printers, smart speakers, and surveillance cameras, demonstrating the wide range of potential targets for hackers.
Report: Only a Fraction of Risk Leaders are Prepared for GenAI Threats
New research by Riskonnect highlights a significant gap in AI risk management, with only 17% of risk and compliance leaders formally training their organizations on the risks of generative AI.
Report: September was a Record Month for Ransomware Attacks in 2023
Ransomware activity reached an all-time high in September, with 514 attacks recorded. The previous record was in March 2023, but this new surge was led by different threat groups. LockBit 3.0, LostTrust, and BlackCat were the top attackers.
Alert: PoC Exploits Released for Citrix and VMware Vulnerabilities
Virtualization services provider VMware has alerted customers to the existence of a proof-of-concept (PoC) exploit for a recently patched security flaw in Aria Operations for Logs. Tracked as CVE-2023-34051 (CVSS score: 8.1), the high-severity vulnerability relates to...
VMware Warns Admins of Public Exploit for RCE Flaw in Aria Operations for Logs
The vulnerability (CVE-2023-34051) requires the attacker to compromise a host within the targeted environment and have permissions to add an extra interface or static IP address.
FREE GUIDE