Veeam released security updates today to address two Service Provider Console (VSPC) vulnerabilities, including a critical remote code execution (RCE) discovered during internal testing. […]
New EU Regulation Establishes European ‘Cybersecurity Shield’
The European Union has adopted new legislation to establish a cybersecurity shield and ensure adequate security standards for managed security services.
The post New EU Regulation Establishes European ‘Cybersecurity Shield’ appeared first on SecurityWeek.
Police seizes largest German online crime marketplace, arrests admin
Germany has taken down the largest online cybercrime marketplace in the country, named “Crimenetwork,” and arrested its administrator for facilitating the sale of drugs, stolen data, and illegal services. […]
FTC bans data brokers from selling Americans’ sensitive location data
Today, the FTC banned data brokers Mobilewalla and Gravy Analytics from harvesting and selling Americans’ location tracking data linked to sensitive locations, like churches, healthcare facilities, military installations, and schools. […]
US Expands List of Chinese Technology Companies Under Export Controls
Commerce Department expanded the list of Chinese technology companies subject to export controls to include many that make equipment used to make computer chips, chipmaking tools and software.
The post US Expands List of Chinese Technology Companies Under Export Controls appeared first on SecurityWeek.
Police seize Matrix encrypted chat service after spying on criminals
An international law enforcement operation codenamed ‘Operation Passionflower’ has shut down MATRIX, an encrypted messaging platform used by cybercriminals to coordinate illegal activities while evading police. […]
Hacker Conversations: Dan McInerney and Puzzle-Driven Hacking
McInerney’s path to becoming a hacker is subtly different to many other hackers. He started as a 22-year old psychology graduate rather than a computer-obsessed 9-year old kid.
The post Hacker Conversations: Dan McInerney and Puzzle-Driven Hacking appeared first on SecurityWeek.
Vendors Unveil New Cloud Security Products, Features at AWS re:Invent 2024
AWS and other vendors have announced new cloud security products and features at the cloud giant’s re:Invent 2024 conference.
The post Vendors Unveil New Cloud Security Products, Features at AWS re:Invent 2024 appeared first on SecurityWeek.
Cisco Warns of Exploitation of Decade-Old ASA WebVPN Vulnerability
Cisco on Monday updated an advisory to warn customers of active exploitation of a decade-old security flaw impacting its Adaptive Security Appliance (ASA).
The vulnerability, tracked as CVE-2014-2120 (CVSS score: 4.3), concerns a case of insufficient input validation in ASA’s WebVPN login page that could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack
The vulnerability, tracked as CVE-2014-2120 (CVSS score: 4.3), concerns a case of insufficient input validation in ASA’s WebVPN login page that could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack
760,000 Employee Records From Several Major Firms Leaked Online
A hacker has posted online over 760,000 records belonging to employees of Bank of America, Koch, Nokia, JLL, Xerox, Morgan Stanley, and Bridgewater.
The post 760,000 Employee Records From Several Major Firms Leaked Online appeared first on SecurityWeek.