While companies have responded to the new SEC rules by disclosing incidents promptly, many of the reports don’t meet the SEC’s “material” standard. Go to Source Author: Fahmida Y. Rashid
Category Archives: Uncategorized
A Brazilian citizen has been charged in the United States for allegedly threatening to release data stolen by hacking into a company’s network in March 2020. Junior Barros De Oliveira, 29, of Curitiba, Brazil has been charged with four counts of extortionate threats involving information obtained from protected computers and four counts of threatening communications, […]
From zero-day exploits to 5G network vulnerabilities, these are the threats that are expected to persist over the next 12 months. Go to Source Author: Kristina Beek, Associate Editor, Dark Reading
As organizations on the continent expand their use of digital technologies, they increasingly face many of the same threats that entities in other regions have had to deal with for years. Go to Source Author: Jai Vijayan, Contributing Writer
Cybersecurity researchers have discovered several security flaws in the cloud management platform developed by Ruijie Networks that could permit an attacker to take control of the network appliances. “These vulnerabilities affect both the Reyee platform, as well as Reyee OS network devices,” Claroty researchers Noam Moshe and Tomer Goldschmidt said in a recent analysis. “The […]
The Apache Software Foundation (ASF) has shipped security updates to address a critical security flaw in Traffic Control that, if successfully exploited, could allow an attacker to execute arbitrary Structured Query Language (SQL) commands in the database. The SQL injection vulnerability, tracked as CVE-2024-45387, is rated 9.9 out of 10.0 on the CVSS scoring system. […]
The Iranian nation-state hacking group known as Charming Kitten has been observed deploying a C++ variant of a known malware called BellaCiao. Russian cybersecurity company Kaspersky, which dubbed the new version BellaCPP, said it discovered the artifact as part of a “recent” investigation into a compromised machine in Asia that was also infected with the […]
“Zero trust” doesn’t mean “zero testing.” Go to Source Author: Rob Sloan, Sam Curry
Changes at CISA and promises of more public-private partnerships and deregulation are just a few ways the incoming administration could upend the feds’ role in cybersecurity. Go to Source Author: Becky Bracken, Senior Editor, Dark Reading
The security extensions for the Domain Name System aimed to make the Internet more reliable, but instead the technology has exchanged one set of problems for another. Go to Source Author: Robert Lemos, Contributing Writer