Month: March 2022

Network Security

Issued by: Security Week

The Austin, Texas-based Rumble on Monday announced it had banked a new $15 million in Series A financing from Decibel Partners and a laundry-list of boldface cybersecurity practitioners. Rumble, created by HD Moore (of Metasploit fame), sells technology to help defenders monitor exposed attack surfaces. The company said the new money will help accelerate go-to-market…

Vulnerabilities

Issued by: Security Week

An advisory released earlier this month by Japan’s JPCERT/CC revealed that the product is affected by five use-after-free and out-of-bounds vulnerabilities, all with a CVSS score of 7.8. CX-Programmer, which is part of Omron’s CX-One automation software suite, is designed for programming and debugging Omron programmable logic controllers (PLCs). According to the U.S. Cybersecurity and…

Malware & Threats

Issued by: Security Week

Even before Russian troops poured across the border into Ukraine last month, Western observers had warned of massive attacks on Ukraine’s IT infrastructure, likely launched by Russian government agents or, by proxy, private hackers which give the government plausible deniability. The entire range of cyberattacks is within Russia’s capabilities, from blocking banking systems, shutting down…

Application Security

Issued by: Security Week

Terms of the agreement were not disclosed The company’s MDR solution augments customers’ existing cybersecurity resources to protect on-premise, cloud, SaaS, and hybrid environments, and meet regulatory requirements, including PCI DSS, HIPAA HITECH, GDPR, Sarbanes-Oxley (SOX), SOC 2, NIST 800-171 and 800-53, ISO 27001, COBIT, and more. Houston, Texas-based Alert Logic, which claims more than…

Cloud Security

Issued by: CIO Security

Today’s cloud strategies revolve around two distinct poles: the “lift and shift” approach, in which applications and associated data are moved to the cloud without being redesigned; and the “cloud-first” approach, in which applications are developed or redesigned specifically for the cloud. By far the fastest approach is to lift and shift the whole environment,…

Software Security

Issued by: CyberArk Blog

People expect nothing short of exceptional from their personal tech experiences. Yet these lofty, consumer-driven standards haven’t really applied to work-issued technology until recently. Now with ample work-from-anywhere time under their belts, workers are demanding more of the enterprise applications they use to do their jobs. And if user-centric Identity and Access Management (IAM) protections…

Vulnerabilities

Issued by: CSO

Security researchers have found several vulnerabilities affecting many models of APC Smart-UPS uninterruptible power supplies that could be exploited to take over the devices. UPS devices are used across many industries to keep mission-critical devices running in case of power loss. “Two of these are remote code execution (RCE) vulnerabilities in the code handling the…

Vulnerabilities

Issued by: Dark Reading

Microsoft today issued security updates for 71 software vulnerabilities, three of which were critical and one that has a known proof-of-concept available in the public domain. Among the most notable flaws fixed today by Microsoft are: CVE-2022-23277 Microsoft Exchange Server Remote Code Execution Vulnerability This is a critical bug that could allow an attacker who…