SolarWinds has released a hotfix for a critical Java deserialization remote code execution vulnerability in Web Help Desk.
The post SolarWinds Issues Hotfix for Critical Web Help Desk Vulnerability appeared first on SecurityWeek.
SecurityWeek – Read More
Google says it blocked Iranian APT42 hackers from accessing the personal email accounts of individuals affiliated with the US elections.
The post Google Disrupts Iranian Hacking Activity Targeting US Presidential Election appeared first on SecurityWeek.
SecurityWeek – Read More
Palo Alto Networks has patched multiple vulnerabilities, including ones rated high severity, in several products.
The post Palo Alto Networks Patches Unauthenticated Command Execution Flaw in Cortex XSOAR appeared first on SecurityWeek.
SecurityWeek – Read More
The Emergence of Identity Threat Detection and Response
Identity Threat Detection and Response (ITDR) has emerged as a critical component to effectively detect and respond to identity-based attacks. Threat actors have shown their ability to compromise the identity infrastructure and move laterally into IaaS, Saas, PaaS and CI/CD environments. Identity Threat Detection and Response solutions help
The Hacker News – Read More
A cybercrime group with links to the RansomHub ransomware has been observed using a new tool designed to terminate endpoint detection and response (EDR) software on compromised hosts, joining the likes of other similar programs like AuKill (aka AvNeutralizer) and Terminator.
The EDR-killing utility has been dubbed EDRKillShifter by cybersecurity company Sophos, which discovered the tool in
The Hacker News – Read More
South Korea’s ruling party, the People Power Party (PPP), has reported that hackers from North Korea have stolen important technical data related to the country’s main battle tank, the K2, as well as its spy planes known as “Baekdu” and “Geumgang.”
Cyware News – Latest Cyber News – Read More
ExpressVPN’s overall polish, fast performance and wider server network give it a slight edge over PIA VPN’s feature-rich and affordable package.
Security | TechRepublic – Read More
Rapid7 identified multiple intrusion attempts by threat actors utilizing social engineering tactics on June 20, 2024. The threat actors use email bombs followed by calls to offer fake solutions, with recent incidents involving Microsoft Teams calls.
Cyware News – Latest Cyber News – Read More
Georgy Kavzharadze was sentenced to prison in the US for selling stolen financial, login, and personal information on an online cybercriminal marketplace.
The post Russian Sentenced to Prison in US for Selling Stolen Information appeared first on SecurityWeek.
SecurityWeek – Read More
Google said an Iranian hacking group has tried to infiltrate the personal email accounts of roughly a dozen people linked to President Joe Biden and former President Donald Trump since May.
The post Google Confirms an Iranian Group Is Trying to Access Emails Linked to Both US Presidential Campaigns appeared first on SecurityWeek.
SecurityWeek – Read More