Alex Inführ discovered a new shell injection vulnerability related to the parsing of PDF files by ImageMagick while investigating ‘ImageTragick’, a set of vulnerabilities discovered in 2016.
This year’s Black Friday DDoS attacks may be especially challenging for online retailers’ operations globally if they accompany exceptionally high volumes of normal traffic.
WISeKey will acquire a majority interest in arago, a leading German technology company that provides artificial intelligence to enterprises globally through knowledge automation.
TikTok has patched a reflected cross-site scripting flaw and a vulnerability leading to account takeover, both of which impacted the firm’s web domain and were reported by a security researcher.
Telefónica, via Telefónica Tech Ventures, its vehicle for investment in cybersecurity startups, has invested in Smart Protection, a startup that protects brands against counterfeiting on the internet.
The malware called “xpc.js” includes next-generation machine learning algorithms that automatically detect potentially malicious activity associated with open source ecosystems.
The think tank Parliament Street collected Freedom of Information (FOI) responses to reveal that over 22.3 million cyberattacks were blocked by parliament from January 1, 2020, to August 31, 2020.
The bug affected GitHub’s Actions feature – a developer workflow automation tool – that Google Project Zero researcher Felix Wilhelm said was “highly vulnerable to injection attacks”.
Organizations that qualify as leaders recognize their own limitations and are much more likely to supplement their security efforts with crowdsourced penetration testing and bug bounty programs.