Security
Headlines
HeadlinesLatestCVEs

Source

DARKReading

UCLA, Siemens Among Latest Victims of Relentless MOVEit Attacks

Cl0p ransomware group uses its Dark Web leak site to identify five new victims of MOVEit cyberattacks.

DARKReading
#vulnerability#web#mac#git#auth#zero_day
Jscrambler Launches JavaScript Scanner for PCI DSS 4.0 Compliance

The free tool aims to help organizations meet the requirements of the new version of the payment standard, which takes effect next March.

Protecting Small Businesses From Ransomware on a Budget

One ransomware attack can be devastating for a small or midsize business. Here are four solid survival tips to ensure it doesn't turn into a disaster.

Cequence Security Adds Generative AI to API Security

Cequence's latest updates to its Unified API Protection platform help organizations reduce the time needed to create API security testing plans.

Mockingjay Slips By EDR Tools With Process Injection Technique

By leveraging misconfigured DLLs instead of EDR-monitored APIs, this new technique injects malicious code into running processes, completely evading endpoint security.

Trans-Rights Hacktivists Steal City of Ft. Worth's Data

In a move to embarrass the city, hacking group known as SiegedSec accessed thousands of files with administrator logins, but it's making no ransom demands.

Pilot Applicant Information for American, Southwest Hacked

The attack exposed personal information from pilot applicants, prompting both airlines to ditch their third-party provider and move services internally.

Most Enterprise SIEMs Blind to MITRE ATT&CK Tactics

Organizations are largely deluded about their own security postures, according to an analysis, with the average SIEM failing to detect a whopping 76% of attacker TTPs.

Why the FDA's SBOM Mandate Changes the Game for OSS Security

The new FDA software bill of materials (SBOM) guidelines for medical devices could have broad impact on the healthcare industry and the broader open source ecosystem.

Why Cyber Funding Flows for Rural Water Systems

The $7.5 million in new funds from the Cybersecurity for Rural Water Systems Act of 2023 is not just a drop in the bucket for crucially important rural water systems.