Onboarding new employees is an important time for any organization but comes with a unique set of security risks. Learn more from Specops Software about these risks and how to mitigate them. […]
Opnova Banks Seed Capital to Tackle Security, IT Automation
Serial entrepreneur Sinan Eren is back with Opnova, a startup working on automating security workflows with limited human supervision.
The post Opnova Banks Seed Capital to Tackle Security, IT Automation appeared first on SecurityWeek.
Mysterious “LOVE” packet storms flood the internet since 2020
Internet intelligence firm GreyNoise reports that it has been tracking large waves of “Noise Storms” containing spoofed internet traffic since January 2020. However, despite extensive analysis, it has not concluded its origin and purpose. […]
New TeamTNT Cryptojacking Campaign Targets CentOS Servers with Rootkit
The cryptojacking operation known as TeamTNT has likely resurfaced as part of a new campaign targeting Virtual Private Server (VPS) infrastructures based on the CentOS operating system.
“The initial access was accomplished via a Secure Shell (SSH) brute force attack on the victim’s assets, during which the threat actor uploaded a malicious script,” Group-IB researchers Vito Alfano and Nam Le
“The initial access was accomplished via a Secure Shell (SSH) brute force attack on the victim’s assets, during which the threat actor uploaded a malicious script,” Group-IB researchers Vito Alfano and Nam Le
CISA: Oracle Vulnerabilities From ‘Miracle Exploit’ Targeted in Attacks
CISA is warning organizations that two Oracle vulnerabilities tracked as CVE-2022-21445 and CVE-2020-14644 are being exploited in the wild.
The post CISA: Oracle Vulnerabilities From ‘Miracle Exploit’ Targeted in Attacks appeared first on SecurityWeek.
Security Validation Firm Picus Security Raises $45 Million
Attack simulation firm has raised $45 million in growth funding, bringing the total amount raised to $80 million.
The post Security Validation Firm Picus Security Raises $45 Million appeared first on SecurityWeek.
Atlassian Patches Vulnerabilities in Bamboo, Bitbucket, Confluence, Crowd
Atlassian’s September 2024 monthly security bulletin details multiple high-severity vulnerabilities in four products.
The post Atlassian Patches Vulnerabilities in Bamboo, Bitbucket, Confluence, Crowd appeared first on SecurityWeek.
Microsoft: US Healthcare Sector Targeted by INC Ransomware Affiliate
Microsoft has observed the threat actor Vanilla Tempest targeting US healthcare organizations with INC ransomware.
The post Microsoft: US Healthcare Sector Targeted by INC Ransomware Affiliate appeared first on SecurityWeek.
Hackers Demand $6 Million for Files Stolen From Seattle Airport Operator in Cyberattack
The Port of Seattle, which owns and runs the airport, has decided not to pay, the official said.
The post Hackers Demand $6 Million for Files Stolen From Seattle Airport Operator in Cyberattack appeared first on SecurityWeek.
Clever ‘GitHub Scanner’ campaign abusing repos to push malware
A clever threat campaign is abusing GitHub repositories to distribute malware targeting users who frequent an open source project repository or are subscribed to email notifications from it. A malicious GitHub user opens a new “issue” on an open source repository falsely claiming that the project contains a “security vulnerability.” […]