Security
Headlines
HeadlinesLatestCVEs

Source

Threatpost

Invest in These 3 Key Security Technologies to Fight Ransomware

Ransomware volumes are up 1000%. Aamir Lakhani, cybersecurity researcher and practitioner at FortiGuard Labs , discusses secure email, network segmentation and sandboxing for defense.

Threatpost
#web
Critical Citrix DDoS Bug Shuts Down Network, Cloud App Access

The distributed computing vendor patched the flaw, affecting Citrix ADC and Gateway, along with another flaw impacting availability for SD-WAN appliances.

Massive Zero-Day Hole Found in Palo Alto Security Appliances

Researchers have a working exploit for the vulnerability (now patched), which allows for unauthenticated RCE and affects an estimated 70,000+ VPN/firewalls.

New Android Spyware Poses Pegasus-Like Threat

PhoneSpy already has stolen data and tracked the activity of targets in South Korea, disguising itself as legitimate lifestyle apps.

Microsoft Nov. Patch Tuesday Fixes Six Zero-Days, 55 Bugs

Experts urged users to prioritize patches for Microsoft Exchange and Excel, those favorite platforms so frequently targeted by cybercriminals and nation-state actors.

12 New Flaws Used in Ransomware Attacks in Q3

The Q3 2021 report revealed a 4.5% increase in CVEs associated with ransomware and a 3.4% increase in ransomware families compared with Q2 2021.

The New Frontier of Enterprise Risk: Nth Parties

The average number of vulnerabilities discovered in a Cyberpion scan of external Fortune 500 networks (such as cloud systems) was 296, many critical (with the top of the scale weighing in at a staggering 7,500).

Security Tool Guts: How Much Should Customers See?

Yaron Kassner, CTO of Silverfort, delves into the pros and cons of transparency when it comes to cybersecurity tools’ algorithms.

Robinhood Trading Platform Data Breach Hits 7M Customers

The cyberattacker attempted to extort the company after socially engineering a customer service employee to gain access to email addresses and more.