Tracked as CVE-2020-12812, the exploited FortiOS flaw allows threat actors to bypass two-factor authentication.
The post Fortinet Warns of New Attacks Exploiting Old Vulnerability appeared first on SecurityWeek.
SecurityWeek – Read More
South Korean online retailer Coupang is defending its response to a major data breach by an insider, releasing more details of the investigation — including a MacBook recovered from a river bottom.
The Record from Recorded Future News – Read More
Official documents indicate a long-awaited change might be coming.
Latest news – Read More
The ‘download’ button on the official EmEditor website served a malicious installer.
The post Infostealer Malware Delivered in EmEditor Supply Chain Attack appeared first on SecurityWeek.
SecurityWeek – Read More
Hackers stole names, addresses, Social Security numbers, ID numbers, and medical and health insurance information from Aflac’s systems.
The post 22 Million Affected by Aflac Data Breach appeared first on SecurityWeek.
SecurityWeek – Read More
From university breaches to cyberattacks that shut down whole supply chains, these were the worst cybersecurity incidents of the year.
Security Latest – Read More
From Donald Trump to DOGE to Chinese hackers, this year the internet’s chaos caused outsized real-world harm.
Security Latest – Read More
Privacy may be dead, but civilians are turning conventional wisdom on its head by surveilling the cops as much as the cops surveil them.
Security Latest – Read More
Dubbed MongoBleed, the high-severity flaw allows unauthenticated, remote attackers to leak sensitive information from MongoDB servers.
The post Fresh MongoDB Vulnerability Exploited in Attacks appeared first on SecurityWeek.
SecurityWeek – Read More
Tech companies are increasingly warning their customers that they have been targeted by governments with advanced government spyware, such as NSO’s Pegasus or Paragon’s Graphite. What happens after receiving a threat notification?
Security News | TechCrunch – Read More