The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned Yin Kecheng, a Shanghai-based hacker for his role in the recent Treasury breach and a company associated with the Salt Typhoon threat group. […]
Wolf Haldenstein Data Breach Impacts 3.4 Million People
Law firm Wolf Haldenstein Adler Freeman & Herz LLP says more than 3.4 million people were impacted by a December 2023 data breach.
The post Wolf Haldenstein Data Breach Impacts 3.4 Million People appeared first on SecurityWeek.
FCC orders telecoms to secure their networks after Salt Tyhpoon hacks
The Federal Communications Commission (FCC) has ordered U.S. telecommunications carriers to secure their networks following last year’s Salt Typhoon security breaches. […]
Microsoft starts force upgrading Windows 11 22H2, 23H3 devices
Microsoft has started the forced rollout of Windows 11 24H2 to eligible, non-managed systems running the Home and Pro editions of Windows 11 22H2 and 23H2. […]
Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation
Cybersecurity researchers have disclosed three security flaws in Planet Technology’s WGS-804HPT industrial switches that could be chained to achieve pre-authentication remote code execution on susceptible devices.
“These switches are widely used in building and home automation systems for a variety of networking applications,” Claroty’s Tomer Goldschmidt said in a Thursday report. “An attacker
“These switches are widely used in building and home automation systems for a variety of networking applications,” Claroty’s Tomer Goldschmidt said in a Thursday report. “An attacker
Python-Based Bots Exploiting PHP Servers Fuel Gambling Platform Proliferation
Cybersecurity researchers have exposed a new campaign that targets web servers running PHP-based applications to promote gambling platforms in Indonesia.
“Over the past two months, a significant volume of attacks from Python-based bots has been observed, suggesting a coordinated effort to exploit thousands of web apps,” Imperva researcher Daniel Johnston said in an analysis. “These attacks
“Over the past two months, a significant volume of attacks from Python-based bots has been observed, suggesting a coordinated effort to exploit thousands of web apps,” Imperva researcher Daniel Johnston said in an analysis. “These attacks
Google Releases Open Source Library for Software Composition Analysis
Google releases OSV-SCALIBR, an open source library for software composition analysis and file system scanning.
The post Google Releases Open Source Library for Software Composition Analysis appeared first on SecurityWeek.
US Announces Sanctions Against North Korean Fake IT Worker Network
The US Treasury has sanctioned two individuals and four entities involved in the North Korean fake IT worker scheme.
The post US Announces Sanctions Against North Korean Fake IT Worker Network appeared first on SecurityWeek.
Industry Reactions to Biden’s Cybersecurity Executive Order: Feedback Friday
Industry professionals comment on the Biden administration’s new executive order on cybersecurity.
The post Industry Reactions to Biden’s Cybersecurity Executive Order: Feedback Friday appeared first on SecurityWeek.
How to Bring Zero Trust to Wi-Fi Security with a Cloud-based Captive Portal?
Recent data breaches have highlighted the critical need to improve guest Wi-Fi infrastructure security in modern business environments. Organizations face increasing pressure to protect their networks while providing convenient access to visitors, contractors, temporary staff, and employees with BYOD. Implementing secure guest Wi-Fi infrastructure has become essential for authenticating access,