News
-
"EU Agrees New Cybersecurity Legislation for Critical Services Organizations"The European Union (EU) has recently reached a political agreement on new legislation that will impose common cybersecurity standards on critical industry organizations. The new directive will replace the EU’s existing rules on the security of…
-
"ForgeRock Offers AI-Based Solution For Identity-Based Cyberattacks"ForgeRock, a global identity and access management company, has created a new application called ForgeRock Autonomous Access that uses AI to prevent identity-based cyberattacks and fraud. The application monitors login requests in real-time to…
-
"Transforming SQL Queries Bypasses WAF Security"A team of researchers at Zhejiang University in China used basic Machine Learning (ML) to identify patterns that common Web Application Firewalls (WAFs) fail to detect, but which can deliver a threat actor's payload. The researchers started with common…
-
"Maryland Governor Signs Bills to Strengthen Cybersecurity"Gov. Larry Hogan just signed measures to strengthen cybersecurity in state and local governments in Maryland after lawmakers approved legislation and big investments earlier this year to protect vital systems against cyberattacks. One of the…
-
"Critical Vulnerabilities Provide Root Access to InHand Industrial Routers"Security researchers at Cisco’s Talos threat intelligence and research unit have discovered 17 vulnerabilities in a wireless industrial router made by InHand Networks, including flaws that can be chained to gain root access by getting a user to click on…
-
"Critical Flaw in Zyxel Firewalls Grants Access to Corporate Networks (CVE-2022-30525)"Researchers at Rapid 7 have discovered a critical vulnerability (CVE-2022-30525) affecting several models of Zyxel firewalls. The researchers disclosed the vulnerability to Zyxel on April 13th, and it was fixed by the company with a patch released…
-
"Malware Builder Leverages Discord Webhooks"Researchers found a simple malware builder that steals credentials and sends them to Discord webhooks. A Discord user called Portu began selling a new password-stealing malware generator on April 23rd, 2022. Malware builders are programs that "script…
-
"Cybersecurity Workforce Needs to Grow by Two-Thirds to Protect Assets"According to an analysis conducted by (ISC)², a Florida-based nonprofit organization specializing in IT training and certifications, the worldwide cybersecurity workforce must grow by 65 percent to protect enterprises' critical assets adequately. The…
-
"Thousands of WordPress Sites Hacked to Redirect Visitors to Scam Sites"Cybersecurity researchers have discovered a malicious campaign responsible for injecting malicious JavaScript code into compromised WordPress websites that redirect visitors to scam pages and other malicious websites to generate illegitimate traffic.…
-
"Intel Memory Firmware Bug Hits Hundreds of Products"Intel has released updates to address Optane SSD bugs that initially surfaced a year ago. The bugs will affect any servers utilizing the impacted Optane SSD and Optane SSD Data Center firmware. They are classed as "high" rather than "critical" by the…
-
"RuTube Hack: Russian Video Platform Denies Losing Source Code After Cyberattack"A Russian video streaming service called RuTube denies losing all of its source code after a recent cyberattack that coincided with Russia's Victory Day. The platform, owned by Gazprom-Media and considered the Russian equivalent to YouTube, has nearly 25…
-
"Trustpilot Forced to Delete Millions of Fake Reviews in 2021"Trustpilot, a leading internet reviews site, was forced to pull 2.7 million entries submitted to its platform in 2021 because of fraud, a 23% increase compared to 2020. Trustpilot noted that it is unclear what factors accounted for the surge in…