Park’N Fly is warning that a data breach exposed the personal and account information of 1 million customers in Canada after hackers breached its network. […]
Cribl Raises $319 Million at $3.5 Billion Valuation
The IT and data security firm raises $319 million in a Series E round led by Google Ventures and is now valued at $3.5 billion.
The post Cribl Raises $319 Million at $3.5 Billion Valuation appeared first on SecurityWeek.
How to identify unknown assets while pen testing
External Attack Surface Management (EASM) coupled with Penetration Testing as a Service (PTaaS) can help find those blind spots and hidden assets exposed on your network. Learn more from Outpost24 about how combining EASM and PTaaS can help reveal these hidden pitfalls. […]
Microsoft Sway abused in massive QR code phishing campaign
A massive QR code phishing campaign abused Microsoft Sway, a cloud-based tool for creating online presentations, to host landing pages to trick Microsoft 365 users into handing over their credentials. […]
Chinese Volt Typhoon hackers exploited Versa zero-day to breach ISPs, MSPs
The Chinese state-backed hacking group Volt Typhoon is behind attacks that exploited a zero-day flaw in Versa Director to upload a custom webshell to steal credentials and breach corporate networks. […]
Chinese Volt Typhoon Exploits Versa Director Flaw, Targets U.S. and Global IT Sectors
The China-nexus cyber espionage group tracked as Volt Typhoon has been attributed with moderate confidence to the zero-day exploitation of a recently disclosed high-severity security flaw impacting Versa Director.
The attacks targeted four U.S. victims and one non-U.S. victim in the Internet service provider (ISP), managed service provider (MSP) and information technology (IT) sectors as early
The attacks targeted four U.S. victims and one non-U.S. victim in the Internet service provider (ISP), managed service provider (MSP) and information technology (IT) sectors as early
Code Execution Vulnerability Found in WPML Plugin Installed on 1M WordPress Sites
A critical vulnerability in the WPML WordPress plugin could allow a remote attacker to execute arbitrary code on the server.
The post Code Execution Vulnerability Found in WPML Plugin Installed on 1M WordPress Sites appeared first on SecurityWeek.
CTEM in the Spotlight: How Gartner’s New Categories Help to Manage Exposures
Want to know what’s the latest and greatest in SecOps for 2024? Gartner’s recently released Hype Cycle for Security Operations report takes important steps to organize and mature the domain of Continuous Threat Exposure Management, aka CTEM. Three categories within this domain are included in this year’s report: Threat Exposure Management, Exposure Assessment Platforms (EAP), and Adversarial
When Convenience Costs: CISOs Struggle With SaaS Security Oversight
SaaS applications are so easy to use, the decision, and the deployment, is sometimes undertaken by the business unit user with little reference to, nor oversight from, the security team.
The post When Convenience Costs: CISOs Struggle With SaaS Security Oversight appeared first on SecurityWeek.
Microsoft Convenes Endpoint Security Firms Following CrowdStrike Incident
Microsoft has called together cybersecurity firms and government representatives for its Windows Endpoint Security Ecosystem Summit.
The post Microsoft Convenes Endpoint Security Firms Following CrowdStrike Incident appeared first on SecurityWeek.