The flaw affects Time-Triggered Ethernet (TTE), a networking technology specifically designed for real-time applications and cyber-physical systems with high safety and availability requirements. TTE is often used to reduce costs and improve efficiency as it allows mission-critical components to exist on the same network hardware as less important systems. For instance, life support systems can…

For the second consecutive month, the world’s largest software maker rushed out patches to cover vulnerabilities that were already exploited as zero-days in the wild, including a pair of belated fixes for Microsoft Exchange Server security defects targeted by a state-sponsored threat actor for several months. As part of its scheduled Patch Tuesday update process,…

The world’s largest software maker is warning that China-based nation state threat actors are taking advantage of a one-year-old law to “stockpile” zero-days for use in sustained malware attacks. According to a new report released Friday by Microsoft, China’s government hacking groups have become “particularly proficient at discovering and developing zero-day exploits” after strict mandates…

A type of cyberattack targeting applications or websites, denial-of-service (DoS) attacks aim to exhaust the target system’s resources to render it inaccessible to legitimate users. DDoS attacks may target server vulnerabilities to overload network resources or to consume these resources through the reflection of a high volume of network traffic to the target, or may…

The round, which brings the total raised by the company to nearly $320 million, was led by BlackRock, with participation from Silicon Valley Bank (SVB). The investment will be used to expand go-to-market strategies and enhance the company’s offering. Versa SASE offers security, networking, and analytics in a single software operating system. The solution is…

Cybersecurity Awareness Month, which was previously known as National Cybersecurity Awareness Month, is in its 19th year. Launched under the guidance of the U.S. Department of Homeland Security and the National Cyber Security Alliance (NCSA), it aims to help Americans stay safe and secure online. This year’s campaign theme – See Yourself in Cyber –…

The vulnerability, which carries a CVSS severity score of 7.3/10, is documented as a debugging port misconfiguration that is opened by the Zoom client on macOS machines. Details from Zoom’s advisory: Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with 5.10.6 and prior to 5.12.0 contains a debugging port misconfiguration. When…

A general-purpose document titled Open Radio Access Network Security Considerations, the guidance is based on current knowledge and recommended practices and should apply to a variety of industries. “Open RAN is the industry term for the evolution of traditional RAN architecture to open interoperable interfaces, virtualization, and big data and AI-enabled intelligence,” the document reads….

On July 15, 2022, threat actors working on behalf of the government of Iran launched a destructive attack targeting the Albanian government’s websites and public services, taking them offline. The attack had less than 10% total impact on the customer environment. The campaign consisted of four different stages, with different actors responsible for every one…