The Apache Software Foundation has released a security update to address a “possible remote code execution” flaw in Apache Struts 2 that is related to the OGNL technology.
CheckPoint’s latest Global Threat Index for November 2020 has revealed that there has been a new surge in infections by the well-known Phorpiex botnet which has made it the month’s most prevalent malware.
Cloudflare’s Tanya Verma and Sudheesh Singanamalla announced support for the new standard, which separates IP addresses from queries, a measure that, it is hoped, will mask requests and make it more difficult for users to be tracked online.
The cyber-criminal groups behind some of the most notorious and damaging ransomware attacks are using the same tactics and techniques as nation-state-backed hacking operations.
APT28, one of Russia’s military hacking units, was most likely responsible for hacking the email accounts of the Norwegian Parliament, the Norwegian police secret service (PST) said.
Fortinet has announced it has acquired Panopta, the SaaS platform innovator that provides full-stack visibility and automated management of the health of an enterprise network.
The Silicon Valley company said nation-state actors, almost certainly Russian, made off with the “Red Team” tools that could be used to mount new attacks around the world.
The Taiwanese vendor QNAP has released security updates to fix eight vulnerabilities, including XSS and command injection bugs, that could be exploited by attackers to over unpatched NAS devices.
Forescout Technologies disclosed 33 new vulnerabilities, including four remote code execution flaws, in four different open-source TCP/IP stacks used by major IoT, OT, and IT device vendors.
A large-scale phishing campaign is targeting 200 million Microsoft 365 users around the world, particularly within the financial services, healthcare, insurance, manufacturing, utilities, and telecom sectors.