Recently, Cisco warned consumers about several critical and high-severity flaws that lie in its Data Center Network Manager (DCNM) that could lead to remote unauthenticated attackers bypassing authentication on vulnerable devices. DCNM manages Cisco data centers that run the network operating system for Cisco devices. The newly reported flaws exist
Kaspersky’s security researchers have released information on a new cyber-mercenary group that the firm recently discovered and named “Deceptikons.” Kaspersky states that the advanced persistent threat group has been providing hacking services for hire for almost a decade. According to researchers, the APT group is lacking technically and is not
In 2019 Congress passed legislation signed into law by the President establishing the U.S. Cyberspace Solarium Commission, chartered to develop a consensus on a strategic approach to defending the US against cyber attacks of significant consequences. The commission was established to be bi-partisan and also staffed and chartered to be as informed as possible by experts who really know the state of technology and cyber defense today. The commission executed its charter through extensive outreach and dialog with leaders in industry, academia, non-profits and government and produced deliverables that will make a positive change in our nation’s defense.
This special report begins with an executive level overview of key take-aways from the report but transitions into recommended actions for business executives. The report makes it clear that there are actions you can take today that will give your business competitive advantage in the market.
Earlier this week, an Israeli marketing video firm called Promo announced a major data breach in which 14 million accounts were impacted. The Israeli company revealed in an online notice that customer data was compromised due to a vulnerability in a third-party service. Attackers gained access to sensitive data such
North Korean advanced persistent threat (APT) group called Lazarus has emerged with new custom ransomware first spotted by Kaspersky in attacks against two organizations in March and April of this year. Researchers who have been observing the group’s actions state that the strain of ransomware utilized in the attacks is
The US government has charged three individuals who formerly worked for Twitter with more offenses, including fraudulently accessing information and acting as illegal agents of a foreign government. The former Twitter employees were originally charged with two different crimes, however, they are now under scrutiny for seven offenses rather than
Researchers have uncovered a misconfigured cloud server operated by cosmetics brand Avon, allowing the public to access more than 19 million records. SafetyDetectives researchers found the Elasticsearch database on an Azure server that contained no password protection or encryption, meaning that anyone who has the server’s IP address could access
According to Cisco, a high severity flaw in its network security software is being actively exploited by cybercriminals. Cisco’s software is used by many Fortune 500 companies who are now at risk due to the vulnerability, which can lead to remote unauthenticated access to sensitive data. Patches for the flaw
The US CISA and UK NCSC have warned that there are roughly 62,000 QNAP Network Attached Storage devices infected with malware. The compromised devices are located across the globe and are allowing unknown cyber actors to access stored information. The malware variant targeting the QNAP devices has been named QSnatch
A US-based fintech giant has publicly released a statement detailing a data breach the company suffered after researchers discovered a malicious database selling users’ personal information. The company is called Dave and offers digital banking services to its users. Over the past week, researchers investigated claims that Dave’s customers’ details