Today, CISA warned that attackers are exploiting a critical missing authentication vulnerability in Palo Alto Networks Expedition, a migration tool that can help convert firewall configuration from Checkpoint, Cisco, and other vendors to PAN-OS. […]
Nokia says hackers leaked third-party app source code
Nokia’s investigation of recent claims of a data breach found that the source code leaked on a hacker forum belongs to a third party and company and customer data has not been impacted. […]
North Korean Hackers Target macOS Users with Fake Crypto PDFs
North Korean cryptocurrency thieves caught targeting macOS with fake PDF applications, backdoors and new persistence tactics.
The post North Korean Hackers Target macOS Users with Fake Crypto PDFs appeared first on SecurityWeek.
Canada orders TikTok to shut down over national risk concerns
The Canadian government has ordered the dissolution of TikTok Technology Canada following a multi-step review that provided information and evidence of the social media company posing a national risk. […]
HPE warns of critical RCE flaws in Aruba Networking access points
Hewlett Packard Enterprise (HPE) released updates for Instant AOS-8 and AOS-10 software to address two critical vulnerabilities in Aruba Networking Access Points. […]
The Biggest Inhibitor of Cybersecurity: The Human Element
Essential steps such as security awareness training, MFA, and Zero Trust identity management help organizations reduce the human element and stay ahead in the cybersecurity curve.
The post The Biggest Inhibitor of Cybersecurity: The Human Element appeared first on SecurityWeek.
Embed Security Raises $6 Million to Help Overworked Analysts
Embed Security has raised $6 million in an early stage funding round led by Paladin Capital Group.
The post Embed Security Raises $6 Million to Help Overworked Analysts appeared first on SecurityWeek.
‘SteelFox’ Miner and Information Stealer Bundle Emerges
Impersonating legitimate software such as Foxit PDF Editor and AutoCAD, the SteelFox crimeware bundle steals user information.
The post ‘SteelFox’ Miner and Information Stealer Bundle Emerges appeared first on SecurityWeek.
North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS
A threat actor with ties to the Democratic People’s Republic of Korea (DPRK) has been observed targeting cryptocurrency-related businesses with a multi-stage malware capable of infecting Apple macOS devices.
Cybersecurity company SentinelOne, which dubbed the campaign Hidden Risk, attributed it with high confidence to BlueNoroff, which has been previously linked to malware families such as
Cybersecurity company SentinelOne, which dubbed the campaign Hidden Risk, attributed it with high confidence to BlueNoroff, which has been previously linked to malware families such as
Cisco Patches Critical Vulnerability in Industrial Networking Solution
A critical vulnerability in Cisco Unified Industrial Wireless software could allow remote, unauthenticated attackers to inject commands with root privileges.
The post Cisco Patches Critical Vulnerability in Industrial Networking Solution appeared first on SecurityWeek.