Audit finds weaknesses in FBI’s inventory management and disposition procedures for drives containing sensitive information.
The post FBI Exposing Sensitive Data via Improper Handling of Storage Devices: Audit appeared first on SecurityWeek.
Category Added in a WPeMatico Campaign
Russian Member of Karakurt Cyber Extortion Gang Charged in US
Deniss Zolotarjovs was charged in a US court for extorting victims and laundering cryptocurrency as part of the Karakurt cyber extortion group.
The post Russian Member of Karakurt Cyber Extortion Gang Charged in US appeared first on SecurityWeek.
SolarWinds Leaks Credentials in Hotfix for Exploited Web Help Desk Flaw
SolarWinds has issued a Web Help Desk hotfix to remove hardcoded credentials from last week’s hotfix for a critical-severity vulnerability.
The post SolarWinds Leaks Credentials in Hotfix for Exploited Web Help Desk Flaw appeared first on SecurityWeek.
Oil Giant Halliburton Confirms Cyberattack, Details Scarce
US oil giant Halliburton confirmed its computer systems were hit by a cyberattack that affected operations at its Houston offices.
The post Oil Giant Halliburton Confirms Cyberattack, Details Scarce appeared first on SecurityWeek.
China-Linked ‘Velvet Ant’ Hackers Exploited Zero-Day to Deploy Malware on Cisco Nexus Switches
Hackers gained access to the switch using valid administrator credentials, and then ‘jailbroke’ from the application level into the OS level.
The post China-Linked ‘Velvet Ant’ Hackers Exploited Zero-Day to Deploy Malware on Cisco Nexus Switches appeared first on SecurityWeek.
Two Years On, Log4Shell Vulnerability Still Being Exploited to Deploy Malware
More than two years after the Log4j crisis, organizations are still being hit by crypto-currency miners and backdoor scripts.
The post Two Years On, Log4Shell Vulnerability Still Being Exploited to Deploy Malware appeared first on SecurityWeek.
Understanding the ‘Morphology’ of Ransomware: A Deeper Dive
Ransomware isn’t just about malware. It’s about brands, trust, and the shifting allegiances of cybercriminals.
The post Understanding the ‘Morphology’ of Ransomware: A Deeper Dive appeared first on SecurityWeek.
Atlassian Patches Vulnerabilities in Bamboo, Confluence, Crowd, Jira
Atlassian has released patches for nine high-severity vulnerabilities in Bamboo, Confluence, Crowd, and Jira products.
The post Atlassian Patches Vulnerabilities in Bamboo, Confluence, Crowd, Jira appeared first on SecurityWeek.
CISA Warns of Exploited Vulnerabilities Impacting Dahua Products
CISA warns that attackers are exploiting two critical-severity authentication bypass vulnerabilities impacting multiple Dahua products.
The post CISA Warns of Exploited Vulnerabilities Impacting Dahua Products appeared first on SecurityWeek.
CrowdStrike Hits Back at Action1 Following $1 Billion Acquisition Rumors
CrowdStrike has denied having any significant acquisition talks with patch management firm Action1 following rumors of a $1 billion deal.
The post CrowdStrike Hits Back at Action1 Following $1 Billion Acquisition Rumors appeared first on SecurityWeek.