Tracked as CVE-2023-2982 (CVSS score: 9.8), the authentication bypass flaw impacts all versions, including and prior to 7.6.4. It was addressed on June 14, 2023, with the release of version 7.6.5 following responsible disclosure on June 2, 2023.
The Cyware platform is used by top Fortune 1000 and MSSP security teams to transform their legacy SOCs into Cyber Fusion Centers and facilitate collaboration and automation in threat intelligence sharing and response.
Astrix Security, a platform that helps companies manage and secure third-party app integrations, today announced that it closed a $25 million Series A funding round led by CRV with participation from Bessemer Venture Partners and F2 Venture Capital.
The npm Public Registry, a database of JavaScript packages, fails to compare npm package manifest data with the archive of files that data describes, creating an opportunity for the installation and execution of malicious files.
Ukrainian cyber police raided and closed over a dozen fraudulent call centers last week, saying the operations were running fake investment scams that involved stealing cryptocurrency and payment card details from European and Central Asian citizens.
A Berlin, Maryland-based hospital recently told regulators that a ransomware breach discovered in January had compromised the sensitive information of nearly 137,000 patients, about five times the number of people originally estimated to be affected.
The startup, founded by longtime Israeli Military Intelligence leaders, landed the Accel-led $100 million Series B funding to support the cloud and on-premises data protection needs of hybrid organizations.
VMware said 8Base is “strikingly” similar to that of another data extortion group tracked as RansomHouse, citing overlaps in the ransom notes dropped on compromised machines and the language used in the respective data leak portals.
SolarWinds — the technology firm at the center of a December 2020 hack that affected multiple U.S. government agencies — said its executives may soon face charges from the Securities and Exchange Commission (SEC) for its response to the incident.
The mission is to “design, deploy and enable regional intelligence enhancement” through collaboration and knowledge-sharing to combat national-level cyberthreats, according to a presentation by Mohamed Al Kuwaiti, UAE head of cybersecurity.