Viavi Observer Sentry provides threat visibility into AWS environments

Viavi Solutions unveiled Observer Sentry, Software-as-a-Service-based Threat Exposure Management providing SecOps, DevOps, and cloud architects much-needed threat visibility into ever-changing AWS environments. The 2023 State of the Network study from VIAVI revealed increases in enterprises’ dependence on the cloud, dissatisfaction with cloud visibility, and time spent on security issues. In an effort to continuously improve […]

Read More

China’s ICS Cyber Onslaught Aimed at Gaining Kinetic Warfare Advantage

China’s onslaught of cyberattacks on critical infrastructure is likely a contingency move designed to gain a strategic advantage in the event of kinetic warfare, according to the US Department of Defense (DoD). The agency’s 2023 Cyber Strategy released this week flagged an uptick in state-sponsored cybercrime from the People’s Republic of China (PRC), specifically against […]

Read More

Microsoft Uncovers Flaws in ncurses Library Affecting Linux and macOS Systems

Sep 14, 2023THNEndpoint Security / Vulnerability A set of memory corruption flaws have been discovered in the ncurses (short for new curses) programming library that could be exploited by threat actors to run malicious code on vulnerable Linux and macOS systems. “Using environment variable poisoning, attackers could chain these vulnerabilities to elevate privileges and run […]

Read More

Ballistic Bobcat’s Sponsor backdoor – Week in security with Tony Anscombe

Video Ballistic Bobcat is a suspected Iran-aligned cyberespionage group that targets organizations in various industry verticals, as well as human rights activists and journalists, mainly in Israel, the Middle East, and the United States 14 Sep 2023 This week, ESET researchers unveiled their findings about a campaign by the Ballistic Bobcat APT group that deployed […]

Read More

CISO Global Threat Informed captures and analyzes data posted to darknets

CISO Global is expanding its capabilities by deepening its threat intelligence feed and incorporating it into existing services. Named ‘Threat Informed’, this new data stream mines the DarkNet, an overlay of secret networks comprised of communication channels that can only be accessed with specific software and processes used mostly by malicious hackers, to identify cybersecurity […]

Read More

Zero Day Summer: Microsoft Warns of Fresh New Software Exploits

Microsoft’s struggles with zero-day exploits rolled into a new month with a fresh warning that two new Windows vulnerabilities are being targeted by malware attacks in the wild. As part of its scheduled batch of Patch Tuesday security fixes, Redmond’s security response team flagged the two zero-days — CVE-2023-36761 and CVE-2023-36802 — in the “exploitation […]

Read More

Millions Infected by Spyware Hidden in Fake Telegram Apps on Google Play

Sep 09, 2023THNMobile Security / Spyware Spyware masquerading as modified versions of Telegram have been spotted in the Google Play Store that’s designed to harvest sensitive information from compromised Android devices. According to Kaspersky security researcher Igor Golovin, the apps come with nefarious features to capture and exfiltrate names, user IDs, contacts, phone numbers, and […]

Read More

PallyCon DRM License Cipher protects users against software-level DRM vulnerabilities

PallyCon has introduced a new feature called PallyCon DRM License Cipher, designed to address vulnerabilities in software-level DRM solutions. In today’s digital era, the protection of digital content is more crucial than ever. Digital Rights Management (DRM) systems stand as the first line of defense, ensuring that copyrighted content remains secure and accessible only to […]

Read More