An improper access control bug in Apache Flink that was fixed in January 2021 has been added to the US government’s Known Exploited Vulnerabilities Catalog, meaning criminals are right now abusing the flaw in the wild to compromise targets.
Cyware News – Latest Cyber News – Read More
A leading cyber lawyer in Australia has warned CISOs and other IT leaders their organisations and careers could be at stake if they do not understand data risk and data governance practices.
Security | TechRepublic – Read More
Threat actors have been observed making use of fake websites masquerading as legitimate antivirus solutions from Avast, Bitdefender, and Malwarebytes to propagate malware capable of stealing sensitive information from Android and Windows devices.
“Hosting malicious software through sites which look legitimate is predatory to general consumers, especially those who look to protect their devices
The Hacker News – Read More
The SEC’s lawsuit may take years to resolve through litigation, but here are five things CISOs should do now to protect both themselves as individuals as well as their organizations.
darkreading – Read More
The security issue was discovered internally by Google’s Clément Lecigne and is tracked as CVE-2024-5274. It is a high-severity ‘type confusion’ in V8, Chrome’s JavaScript engine responsible for executing JS code.
Cyware News – Latest Cyber News – Read More
Siloed approaches to securing human and machine identities are driving identity-based attacks across enterprises and their ecosystems, according to a new report by CyberArk.
Cyware News – Latest Cyber News – Read More
A requirement for the Pentagon to commission an independent study on the creation of a U.S. Cyber Force was added late Wednesday to the House version of the defense policy bill.
Cyware News – Latest Cyber News – Read More
As the digital landscape evolves, these words must become an impetus for innovation and dialogue, not insurmountable barriers.
darkreading – Read More
National Cyber Director Harry Coker Jr. said the administration is taking actions to strengthen key critical infrastructure sectors, including healthcare and water utilities, and will pursue additional steps to fight ransomware and boost resilience.
Cyware News – Latest Cyber News – Read More
Averson secures seed funding to build technology that uses AI to identify cloud security weaknesses and counter cyberattacks.
The post Averlon Emerges From Stealth Mode With $8 Million in Funding appeared first on SecurityWeek.
SecurityWeek – Read More