Microsoft warned today that ransomware gangs are actively exploiting a VMware ESXi authentication bypass vulnerability in attacks. […]
Critical Flaw in Acronis Cyber Infrastructure Exploited in the Wild
Cybersecurity company Acronis is warning that a now-patched critical security flaw impacting its Cyber Infrastructure (ACI) product has been exploited in the wild.
The vulnerability, tracked as CVE-2023-45249 (CVSS score: 9.8), concerns a case of remote code execution that stems from the use of default passwords.
The flaw impacts the following versions of Acronis Cyber Infrastructure (ACI) –
The vulnerability, tracked as CVE-2023-45249 (CVSS score: 9.8), concerns a case of remote code execution that stems from the use of default passwords.
The flaw impacts the following versions of Acronis Cyber Infrastructure (ACI) –
&
HealthEquity says data breach impacts 4.3 million people
HSA provider HealthEquity has determined that a cybersecurity incident disclosed earlier this month has compromised the information of 4,300,000 people. […]
Proofpoint settings exploited to send millions of phishing emails daily
A massive phishing campaign dubbed “EchoSpoofing” exploited a security gap in Proofpoint’s email protection service to dispatch millions of spoofed emails impersonating big entities like Disney, Nike, IBM, and Coca-Cola, to target Fortune 100 companies. […]
Proofpoint Email Routing Flaw Exploited to Send Millions of Spoofed Phishing Emails
An unknown threat actor has been linked to a massive scam campaign that exploited an email routing misconfiguration in email security vendor Proofpoint’s defenses to send millions of messages spoofing various legitimate companies.
“These emails echoed from official Proofpoint email relays with authenticated SPF and DKIM signatures, thus bypassing major security protections — all to deceive
“These emails echoed from official Proofpoint email relays with authenticated SPF and DKIM signatures, thus bypassing major security protections — all to deceive
Millions of Websites Susceptible XSS Attack via OAuth Implementation Flaw
Researchers discovered and published details of an XSS attack that could potentially impact millions of websites around the world.
The post Millions of Websites Susceptible XSS Attack via OAuth Implementation Flaw appeared first on SecurityWeek.
Acronis Product Vulnerability Exploited in the Wild
Acronis warns of a critical-severity Acronis Cyber Infrastructure (ACI) vulnerability being exploited in attacks.
The post Acronis Product Vulnerability Exploited in the Wild appeared first on SecurityWeek.
4.3 Million Impacted by HealthEquity Data Breach
HealthEquity says the personal and health information of 4.3 million individuals was compromised in a data breach.
The post 4.3 Million Impacted by HealthEquity Data Breach appeared first on SecurityWeek.
How Searchable Encryption Changes the Data Security Game
Searchable Encryption has long been a mystery. An oxymoron. An unattainable dream of cybersecurity professionals everywhere.
Organizations know they must encrypt their most valuable, sensitive data to prevent data theft and breaches. They also understand that organizational data exists to be used. To be searched, viewed, and modified to keep businesses running. Unfortunately, our Network and
Organizations know they must encrypt their most valuable, sensitive data to prevent data theft and breaches. They also understand that organizational data exists to be used. To be searched, viewed, and modified to keep businesses running. Unfortunately, our Network and
SecurityWeek Analysis: 178 Cybersecurity M&A Deals Announced in First Half of 2024
178 cybersecurity M&A deals were announced in the first half of 2024, the smallest half year number since SecurityWeek started tracking them.
The post SecurityWeek Analysis: 178 Cybersecurity M&A Deals Announced in First Half of 2024 appeared first on SecurityWeek.