All sessions from the 2024 CISO Forum Virtual Summit are now available to watch on demand.
The post CISO Forum Virtual Summit: Full Session List On Demand appeared first on SecurityWeek.
Master Certificate Management: Join This Webinar on Crypto Agility and Best Practices
In the fast-paced digital world, trust is everything—but what happens when that trust is disrupted? Certificate revocations, though rare, can send shockwaves through your operations, impacting security, customer confidence, and business continuity. Are you prepared to act swiftly when the unexpected happens?
Join DigiCert’s exclusive webinar, “When Shift Happens: Are You Ready for Rapid
Join DigiCert’s exclusive webinar, “When Shift Happens: Are You Ready for Rapid
Man Who Stole and Laundered Roughly $1B in Bitcoin Is Sentenced to 5 Years in Prison
Bitfinex hacker Ilya Lichtenstein, who stole bitcoin worth billions of dollars at current prices, has been sentenced to five years in prison.
The post Man Who Stole and Laundered Roughly $1B in Bitcoin Is Sentenced to 5 Years in Prison appeared first on SecurityWeek.
Vietnamese Hacker Group Deploys New PXA Stealer Targeting Europe and Asia
A Vietnamese-speaking threat actor has been linked to an information-stealing campaign targeting government and education entities in Europe and Asia with a new Python-based malware called PXA Stealer.
The malware “targets victims’ sensitive information, including credentials for various online accounts, VPN and FTP clients, financial information, browser cookies, and data from gaming software,”
The malware “targets victims’ sensitive information, including credentials for various online accounts, VPN and FTP clients, financial information, browser cookies, and data from gaming software,”
CISA Warns of Two More Palo Alto Expedition Flaws Exploited in Attacks
CISA has added two more Palo Alto Networks Expedition flaws, CVE-2024-9463 and CVE-2024-9465, to its KEV catalog.
The post CISA Warns of Two More Palo Alto Expedition Flaws Exploited in Attacks appeared first on SecurityWeek.
Critical Plugin Flaw Exposed 4 Million WordPress Websites to Takeover
Over 4 million WordPress websites were impacted by a critical Really Simple Security plugin vulnerability providing full administrative access.
The post Critical Plugin Flaw Exposed 4 Million WordPress Websites to Takeover appeared first on SecurityWeek.
How AI Is Transforming IAM and Identity Security
In recent years, artificial intelligence (AI) has begun revolutionizing Identity Access Management (IAM), reshaping how cybersecurity is approached in this crucial field. Leveraging AI in IAM is about tapping into its analytical capabilities to monitor access patterns and identify anomalies that could signal a potential security breach. The focus has expanded beyond merely managing human
Palo Alto Networks Confirms New Firewall Zero-Day Exploitation
Palo Alto Networks has confirmed that a zero-day is being exploited in attacks after investigating claims of a firewall remote code execution flaw.
The post Palo Alto Networks Confirms New Firewall Zero-Day Exploitation appeared first on SecurityWeek.
LightSpy Spyware Operation Expands to Windows
The Chinese APT behind the LightSpy iOS backdoor has expanded its toolset with DeepData, a modular Windows-based surveillance framework.
The post LightSpy Spyware Operation Expands to Windows appeared first on SecurityWeek.
High-Severity Flaw in PostgreSQL Allows Hackers to Exploit Environment Variables
Cybersecurity researchers have disclosed a high-severity security flaw in the PostgreSQL open-source database system that could allow unprivileged users to alter environment variables, and potentially lead to code execution or information disclosure.
The vulnerability, tracked as CVE-2024-10979, carries a CVSS score of 8.8.
Environment variables are user-defined values that can allow a program
The vulnerability, tracked as CVE-2024-10979, carries a CVSS score of 8.8.
Environment variables are user-defined values that can allow a program