Viavi Solutions unveiled Observer Sentry, Software-as-a-Service-based Threat Exposure Management providing SecOps, DevOps, and cloud architects much-needed threat visibility into ever-changing AWS environments. The 2023 State of the Network study from VIAVI revealed increases in enterprises’ dependence on the cloud, dissatisfaction with cloud visibility, and time spent on security issues. In an effort to continuously improve […]
Chip giant Intel announced on the second day of its Intel Innovation 2023 event the general availability of an attestation service that is part of Trust Authority, a new portfolio of security software and services. The new attestation software-as-a-service, codenamed Project Amber, is the first service in the Intel Trust Authority portfolio. It offers a […]
China’s onslaught of cyberattacks on critical infrastructure is likely a contingency move designed to gain a strategic advantage in the event of kinetic warfare, according to the US Department of Defense (DoD). The agency’s 2023 Cyber Strategy released this week flagged an uptick in state-sponsored cybercrime from the People’s Republic of China (PRC), specifically against […]
Sep 14, 2023THNEndpoint Security / Vulnerability A set of memory corruption flaws have been discovered in the ncurses (short for new curses) programming library that could be exploited by threat actors to run malicious code on vulnerable Linux and macOS systems. “Using environment variable poisoning, attackers could chain these vulnerabilities to elevate privileges and run […]
Video Ballistic Bobcat is a suspected Iran-aligned cyberespionage group that targets organizations in various industry verticals, as well as human rights activists and journalists, mainly in Israel, the Middle East, and the United States 14 Sep 2023 This week, ESET researchers unveiled their findings about a campaign by the Ballistic Bobcat APT group that deployed […]
CISO Global is expanding its capabilities by deepening its threat intelligence feed and incorporating it into existing services. Named ‘Threat Informed’, this new data stream mines the DarkNet, an overlay of secret networks comprised of communication channels that can only be accessed with specific software and processes used mostly by malicious hackers, to identify cybersecurity […]
Microsoft’s struggles with zero-day exploits rolled into a new month with a fresh warning that two new Windows vulnerabilities are being targeted by malware attacks in the wild. As part of its scheduled batch of Patch Tuesday security fixes, Redmond’s security response team flagged the two zero-days — CVE-2023-36761 and CVE-2023-36802 — in the “exploitation […]
Sep 09, 2023THNMobile Security / Spyware Spyware masquerading as modified versions of Telegram have been spotted in the Google Play Store that’s designed to harvest sensitive information from compromised Android devices. According to Kaspersky security researcher Igor Golovin, the apps come with nefarious features to capture and exfiltrate names, user IDs, contacts, phone numbers, and […]
Every so often, a new statistic makes headlines about the number of open jobs in America’s cybersecurity workforce — 359,000 in 2020, about 465,000 in 2021, and more than 700,000 in 2022. The pressure is on to close the gap, particularly with the latest US National Cybersecurity Strategy envisioning an industry in which “every organization […]
PallyCon has introduced a new feature called PallyCon DRM License Cipher, designed to address vulnerabilities in software-level DRM solutions. In today’s digital era, the protection of digital content is more crucial than ever. Digital Rights Management (DRM) systems stand as the first line of defense, ensuring that copyrighted content remains secure and accessible only to […]