Considerations for Operational Technology Cybersecurity
Operational Technology (OT) refers to the hardware and software used to change, monitor, or control the enterprise's physical devices, processes, and events. Unlike traditional...
New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks
New research has found that the CONTINUATION frame in the HTTP/2 protocol can be exploited to conduct denial-of-service (DoS) attacks.The technique has been codenamed...
Ivanti Rushes Patches for 4 New Flaw in Connect Secure and Policy Secure
Ivanti has released security updates to address four security flaws impacting Connect Secure and Policy Secure Gateways that could result in code execution and...
Google Warns: Android Zero-Day Flaws in Pixel Phones Exploited by Forensic Companies
Google has disclosed that two Android security flaws impacting its Pixel smartphones have been exploited in the wild by forensic companies.The high-severity zero-day vulnerabilities...
U.S. Cyber Safety Board Slams Microsoft Over Breach by China-Based Hackers
The U.S. Cyber Safety Review Board (CSRB) has criticized Microsoft for a series of security lapses that led to the breach of nearly two...
Google Chrome Beta Tests New DBSC Protection Against Cookie-Stealing Attacks
Google on Tuesday said it's piloting a new feature in Chrome called Device Bound Session Credentials (DBSC) to help protect users against session cookie...
Attack Surface Management vs. Vulnerability Management
Attack surface management (ASM) and vulnerability management (VM) are often confused, and while they overlap, they're not the same. The main difference between attack...
Mispadu Trojan Targets Europe, Thousands of Credentials Compromised
The banking trojan known as Mispadu has expanded its focus beyond Latin America (LATAM) and Spanish-speaking individuals to target users in Italy, Poland, and...
Critical Security Flaw Found in Popular LayerSlider WordPress Plugin
A critical security flaw impacting the LayerSlider plugin for WordPress could be abused to extract sensitive information from databases, such as password hashes.The flaw,...
Malicious Code in XZ Utils for Linux Systems Enables Remote Code Execution
The malicious code inserted into the open-source library XZ Utils, a widely used package present in major Linux distributions, is also capable of facilitating...
