Month: November 2022

Application Security, Network Security

Issued by: Security Week

A few state and local governments appeared to be hit by a relatively rudimentary form of cyberattack that periodically made public websites unreachable. But U.S. and local officials said Wednesday that none breached vote-counting infrastructure. “We have seen no evidence that any voting system deleted or lost votes, changed votes, or was any way compromised…

Malware & Threats

Issued by: Dark Reading

Take a moment to consider how frequently you authenticate your identity online: checking your email, logging in to your bank account, accessing cloud-based productivity tools, booking a flight, paying your taxes. We confirm our identities so many times every day that things like providing personally identifiable information and confirming a login attempt through our smartphones…

Application Security

Issued by: Security Week

The company says its API security platform provides complete visibility and control. Its capabilities include automated inventory and change management, and the platform enables organizations to identify rogue and shadow APIs, and analyze business risk and impact. Wib was founded in August 2021 by serial entrepreneur Gil Don (CEO), Ran Ohayon (CRO) and Tal Steinherz….

Malware & Threats

Issued by: Security Week

For the second consecutive month, the world’s largest software maker rushed out patches to cover vulnerabilities that were already exploited as zero-days in the wild, including a pair of belated fixes for Microsoft Exchange Server security defects targeted by a state-sponsored threat actor for several months. As part of its scheduled Patch Tuesday update process,…

Malware & Threats

Issued by: Security Week

Medibank told investors that a “sample” of data from some 9.7 million clients had been posted on a “dark web forum” — and that more leaks were likely. Sensitive records were posted anonymously in the early hours of Wednesday and included names, birth dates, passport numbers and information on medical claims for hundreds of customers….

Application Security

Issued by: Security Week

The security and fraud prevention firm’s platform identifies bad behavior in real time by continuously assessing users’ digital interactions across websites, applications, and APIs. Darwinium says it takes a new approach to customer protection by combining internal cybersecurity tools with fraud-prevention tools, in a single view. The startup aims to prevent account compromise and online…

Vulnerabilities

Issued by: Security Week

The world’s largest software maker is warning that China-based nation state threat actors are taking advantage of a one-year-old law to “stockpile” zero-days for use in sustained malware attacks. According to a new report released Friday by Microsoft, China’s government hacking groups have become “particularly proficient at discovering and developing zero-day exploits” after strict mandates…

Malware & Threats

Issued by: Security Week

The defendants, Andi Jacques, Monika Shauntel Jenkins, Louis Noel Michel, Jeff Jordan Propht-Francisque, Dickenson Elan, Michael Jean Poix, Vladimyr Cherelus, and Louisaint Jolteus, allegedly worked together to perform computer intrusions and fraud. An indictment unsealed this week alleges that, between 2015 and 2019, the defendants along with others, including a now-deceased conspirator referred to as…

Vulnerabilities

Issued by: Security Week

One of the high-severity issues affects FortiTester and it allows an authenticated attacker to execute commands via specially crafted arguments to existing commands. FortiSIEM is affected by a vulnerability that allows a local attacker with command-line access to perform operations on the Glassfish server directly via a hardcoded password. The remaining high-severity flaws are stored…