Month: August 2024

Application Security, Software Security

Issued by: CSO Online

Black Hat USA 2024 once again served as a launchpad for several cybersecurity products and services with many notable vendors as well as up-and-coming startups showcasing their innovations at the annual conference, held this week in Las Vegas. The event, alongside the RSA Conference, remains a pivotal moment in the cybersecurity calendar, offering insights into…

Vulnerabilities

Issued by: Dark Reading

A critical pre-authentication remote code execution (RCE) security vulnerability in Apache OFBiz could open organizations to data theft, lateral movement by threat actors into various applications and parts of their networks, and more. The bug, tracked as CVE-2024-38856, carries a notably high CVSS score of 9.8, given how impactful exploitation could be. Apache OFBiz is…

Malware & Threats

Issued by: Dark Reading

China-linked advanced persistent threat group APT41 appears to have compromised a government-affiliated institute in Taiwan that conducts research on advanced computing and associated technologies. The intrusion began in July 2023, with the threat actor gaining initial access to the victim environment via undetermined means. Since then, it has deployed multiple malware tools, including the well-known…