NXM Labs, Inc., a leader in advanced cybersecurity software for connected devices, today unveiled its NXM Autonomous Security(TM) platform that prevents hackers from gaining unauthorized access to commercial, industrial, medical, or consumer internet of things (IoT) devices. Tested in collaboration with the Jet Propulsion Laboratory (JPL), California Institute of Technology (Caltech), NXM successfully demonstrated the…

Attackers once focused on exploiting ProxyLogon Microsoft Exchange server vulnerabilities have made a pivot to the new SessionManager backdoor, which can be used to gain persistent, undetected access to emails — and even take over the target organization’s infrastructure. Researchers from Kaspersky today report the emergence of SessionManager, which they say is part of a…

The 2022 CWE Top 25 Most Dangerous Software Weaknesses list contains the most common and impactful weaknesses, and is based on the analysis of nearly 38,000 CVE records from the previous two years. Out-of-bounds write and cross-site scripting (XSS) remain the two most dangerous vulnerabilities. Some of the most significant changes include race conditions moving…

According to the “2022 Verizon Data Breach Investigations Report,” stolen credentials were the top path leading to data breaches. More often than phishing or exploiting vulnerabilities, attackers gain direct access to credentials, letting them virtually walk into victim organizations using the front door. Low-code/no-code platforms make it extremely easy for users to share their credentials…

The Black Basta ransomware emerged last month to target Windows-based systems only, but now the latest ransomware binary is going after VMware virtual machines (VMs). The latest variant looks to encrypt VMs present inside the volumes folder (/vmfs/volumes) on ESXi-based systems and servers, according to research shared with Dark Reading by Uptycs. It uses the…

The new feature, named Rapid Security Response, will become available in the upcoming iOS 16 and macOS Ventura, both scheduled for release in late 2022. According to Apple, important security updates will be delivered to iPhones and Macs in between standard software updates. In addition, they can be applied automatically and they do not require…

Our nation is facing some of the most daunting cybersecurity challenges in history. As the new Office of the National Cyber Director (ONCD) gets fully staffed and running, little is more important to the nation’s security than making sure the right people are in the right places to address these dynamic challenges. Bringing private industry…