Security
Headlines
HeadlinesLatestCVEs

Tag

#web

Ransomware Has Outsized Impact on Gas, Energy & Utility Firms

Attackers are more likely to target critical infrastructure industries and, when they do, they cause more disruption and ask higher ransoms, with the median payment topping $2.5 million.

DARKReading
#vulnerability#web#intel#auth
Faulty CrowdStrike Update Crashes Windows Systems, Impacting Businesses Worldwide

Businesses across the world have been hit by widespread disruptions to their Windows workstations stemming from a faulty update pushed out by cybersecurity company CrowdStrike. "CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts," the company's CEO George Kurtz said in a statement. "Mac and Linux hosts are not impacted. This is

Safeguard Personal and Corporate Identities with Identity Intelligence

Learn about critical threats that can impact your organization and the bad actors behind them from Cybersixgill’s threat experts. Each story shines a light on underground activities, the threat actors involved, and why you should care, along with what you can do to mitigate risk.  In the current cyber threat landscape, the protection of personal and corporate identities has become vital.

GHSA-5m3j-pxh7-455p: Apache CXF: SSRF vulnerability via WADL stylesheet parameter

A SSRF vulnerability in WADL service description in versions of Apache CXF before 4.0.5, 3.6.4 and 3.5.9 allows an attacker to perform SSRF style attacks on REST webservices. The attack only applies if a custom stylesheet parameter is configured.

Summary of "AI Leaders Spill Their Secrets" Webinar

Event Overview The "AI Leaders Spill Their Secrets" webinar, hosted by Sigma Computing, featured prominent AI experts sharing their experiences and strategies for success in the AI industry. The panel included Michael Ward from Sardine, Damon Bryan from Hyperfinity, and Stephen Hillian from Astronomer, moderated by Zalak Trivedi, Sigma Computing's Product Manager. Key Speakers and Their

Huge Microsoft Outage Linked to CrowdStrike Takes Down Computers Around the World

A software update from cybersecurity company CrowdStrike appears to have inadvertently disrupted IT systems globally.

APT41 Infiltrates Networks in Italy, Spain, Taiwan, Turkey, and the U.K.

Several organizations operating within global shipping and logistics, media and entertainment, technology, and automotive sectors in Italy, Spain, Taiwan, Thailand, Turkey, and the U.K. have become the target of a "sustained campaign" by the prolific China-based APT41 hacking group. "APT41 successfully infiltrated and maintained prolonged, unauthorized access to numerous victims' networks since

GHSA-82m2-cv7p-4m75: Kubernetes sets incorrect permissions on Windows containers logs

A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and NT AUTHORITY\Authenticated Users may be able to modify container logs.

High-Severity Cisco Bug Grants Attackers Password Access

The vulnerability was given the highest CVSS score possible, though few details have been released due to its severity.

It's best to just assume you’ve been involved in a data breach somehow

Telecommunications provider AT&T disclosed earlier this month that adversaries stole a cache of data that contained the phone numbers and call records of “nearly all” of its customers.