All the latest blog posts from the most relevant cyber security companies in the business.

The first of the high-severity bugs, CVE-2024-20321, exists because External Border Gateway Protocol (eBGP) traffic “is mapped to a shared hardware rate-limiter queue”, allowing an unauthenticated, remote attacker to send large amounts of traffic and cause a denial-of-service (DoS) condition. According to Cisco, under certain conditions, the security defect impacts Nexus 3600 series switches and…

Biden’s Executive Order covers personal and sensitive information such as biometric, financial, genomic, geolocation, and personal health data, as well as specific types of personally identifiable information. “Bad actors can use this data to track Americans (including military service members), pry into their personal lives, and pass that data on to other data brokers and…

Yoon’s office said the cyberattack only affected the personal account of the unidentified employee, who violated security protocols by partially using commercial email services to handle official duties. Officials did not specify what type of information was stolen from the staff member’s personal emails but stressed that the office’s overall security system was not affected….

“[We] have confirmed that Volt Typhoon has compromised the IT environments of multiple critical infrastructure organizations in the continental and non-continental United States and its territories, including Guam,” CISA said in an advisory, warning that the hacking team’s choice of targets and pattern of behavior is not consistent with traditional cyber espionage or intelligence gathering…

The operation, announced just before FBI Director Chris Wray addressed House lawmakers, disrupted a botnet of hundreds of U.S.-based small office and home routers owned by private citizens and companies that had been hijacked by the Chinese hackers to cover their tracks as they sowed the malware. Their ultimate targets included water treatment plants, the…

The Microsoft-owned platform received the vulnerability report on December 26, 2023, and took immediate action to address the issue and revoke potentially exposed credentials, which led to disruptions between December 27 and 29. The security defect, which allowed access to credentials within a production container, had no impact beyond the security researcher who identified and…

The vulnerabilities, tracked as CVE-2023-46805 and CVE-2024-21887, affect fully patched Internet-facing Ivanti Connect Secure VPN appliances (formerly known as Pulse Secure) and were caught during in-the-wild zero-day exploitation. Ivanti, a company that has struggled with major security problems, released pre-patch mitigations for the new vulnerabilities but said comprehensive fixes will be released on a staggered…

Financial teams of the acquisition were not released but published reports out of Israel peg the price tag as “several tens of millions of dollars.” The private equity-owned Delinea, formed in April 2012 through the merger of Centrify and Thycotic, said the deal extends its reach into the lucrative identity category and adds technology to…

The account of Mandiant, which is part of Google Cloud, was renamed to ‘Phantom’ and its profile image and description were updated to appear affiliated with the legitimate Phantom cryptocurrency wallet. Messages posted on the hijacked account promoted a website hosted at claim-phntm.com, which claimed to distribute cryptocurrency tokens through an airdrop. In reality, the…