Continuous automated red teaming platform provider WatchTowr has raised $19 million in a Series A funding round.
The post Attack Surface Management Startup WatchTowr Raises $19 Million appeared first on SecurityWeek.
Organizations Warned of Exploited Fortinet FortiOS Vulnerability
CISA has added a FortinetFortiOS vulnerability tracked as CVE-2024-23113 to its Known Exploited Vulnerabilities (KEV) catalog.
The post Organizations Warned of Exploited Fortinet FortiOS Vulnerability appeared first on SecurityWeek.
Firefox 131 Update Patches Exploited Zero-Day Vulnerability
Mozilla has released a Firefox 131 update to resolve CVE-2024-9680, a code execution vulnerability exploited in the wild as a zero-day.
The post Firefox 131 Update Patches Exploited Zero-Day Vulnerability appeared first on SecurityWeek.
Cybercriminals Use Unicode to Hide Mongolian Skimmer in E-Commerce Platforms
Cybersecurity researchers have shed light on a new digital skimmer campaign that leverages Unicode obfuscation techniques to conceal a skimmer dubbed Mongolian Skimmer.
“At first glance, the thing that stood out was the script’s obfuscation, which seemed a bit bizarre because of all the accented characters,” Jscrambler researchers said in an analysis. “The heavy use of Unicode characters, many
“At first glance, the thing that stood out was the script’s obfuscation, which seemed a bit bizarre because of all the accented characters,” Jscrambler researchers said in an analysis. “The heavy use of Unicode characters, many
CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Fortinet products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
The vulnerability, tracked as CVE-2024-23113 (CVSS score: 9.8), relates to cases of remote code execution that affects FortiOS, FortiPAM, FortiProxy, and FortiWeb.
“A
The vulnerability, tracked as CVE-2024-23113 (CVSS score: 9.8), relates to cases of remote code execution that affects FortiOS, FortiPAM, FortiProxy, and FortiWeb.
“A
Firefox Zero-Day Under Attack: Update Your Browser Immediately
Mozilla has revealed that a critical security flaw impacting Firefox and Firefox Extended Support Release (ESR) has come under active exploitation in the wild.
The vulnerability, tracked as CVE-2024-9680, has been described as a use-after-free bug in the Animation timeline component.
“An attacker was able to achieve code execution in the content process by exploiting a use-after-free in
The vulnerability, tracked as CVE-2024-9680, has been described as a use-after-free bug in the Animation timeline component.
“An attacker was able to achieve code execution in the content process by exploiting a use-after-free in
Marriott Agrees to Pay $52 million, Beef up Data Security to Resolve Probes Over Data Breaches
Marriott agreed to pay $52 million and make changes to bolster its data security to resolve claims related to major data breaches that affected more than 300 million customers.
The post Marriott Agrees to Pay $52 million, Beef up Data Security to Resolve Probes Over Data Breaches appeared first on SecurityWeek.
Internet Archive hacked, data breach impacts 31 million users
Internet Archive’s “The Wayback Machine” has suffered a data breach after a threat actor compromised the website and stole a user authentication database containing 31 million unique records. […]
CISA says critical Fortinet RCE flaw now exploited in attacks
Today, CISA revealed that attackers actively exploit a critical FortiOS remote code execution (RCE) vulnerability in the wild. […]
Crypto-stealing malware campaign infects 28,000 people
Over 28,000 people from Russia, Turkey, Ukraine, and other countries in the Eurasian region were impacted by a large-scale cryptocurrency-stealing malware campaign. […]