The acquisition marks the next exciting phase of Veracode, underscoring the company’s commitment to help organizations manage and reduce application risk across the growing attack surface.
The Cybersecurity and Infrastructure Security Agency issued an alert Friday warning of a previously unnoticed backdoor in a widely used Linux tool that compresses and encrypts files shared between parties.
Armed forces have always utilized war-gaming exercises for battlefield training to prepare for times of conflict. With today’s digital transformation, the same concept is being applied in the form of cybersecurity exercises.
The Federal Communications Commission (FCC) says it is taking action to address significant weaknesses in telecommunications networks that can enable cybercrime and spying.
A classic type of fraud — when a crook impersonates a business or a government agency — appears to be bigger than ever, according to federal statistics, and it’s now most likely to begin via text message or email instead of a phone call.
Evasive, basic, and encrypted malware all increased in Q4 2023, fueling a rise in total malware, according to WatchGuard. The average number of malware detections rose 80% from the previous quarter.
In late February 2024, the Foundation received a few support requests and became aware of a misconfiguration of OWASP’s old Wiki web server. The misconfiguration led to a data breach involving old member resumes.
The National Institute of Standards and Technology (NIST) blamed increases in the volume of software and “a change in interagency support” for the recent backlog of vulnerabilities analyzed in the organization’s National Vulnerability Database (NVD).
Fox-IT warned that a new, evasive version of Vultur spreads to victims through a hybrid attack that relies on SMS phishing and phone calls that trick the targets into installing a version of the malware that masquerades as the McAfee Security app.
“The data was stolen by exploiting several critical vulnerabilities in the platform’s API and other bugs were identified allowing access to the internal service of the website,” the threat actor named ‘Sanggiero’ said.