Google ships an Android security update with fixes for 15 vulnerabilities, including a critical-severity flaw in Framework.
The post Google Patches 25 Android Flaws, Including Critical Privilege Escalation Bug appeared first on SecurityWeek.
Evolve Bank Shares Data Breach Details as Fintech Firms Report Being Hit
Fintech companies Wise and Affirm are impacted by the data breach at Evolve Bank, which has shared additional details on the recent ransomware attack.
The post Evolve Bank Shares Data Breach Details as Fintech Firms Report Being Hit appeared first on SecurityWeek.
Splunk Patches High-Severity Vulnerabilities in Enterprise Product
Splunk has patched multiple vulnerabilities in Splunk Enterprise, including high-severity remote code execution bugs.
The post Splunk Patches High-Severity Vulnerabilities in Enterprise Product appeared first on SecurityWeek.
Critical CocoaPods Flaws Exposed Many iOS, macOS Apps to Supply Chain Attacks
EVA Information Security has shared details on three CocoaPods vulnerabilities impacting millions of macOS and iOS applications.
The post Critical CocoaPods Flaws Exposed Many iOS, macOS Apps to Supply Chain Attacks appeared first on SecurityWeek.
Cyberinsurance Premiums are Going Down: Here’s Why and What to Expect
The change in premium rates is more likely to be the insurers’ correction than the insureds’ improvement in security.
The post Cyberinsurance Premiums are Going Down: Here’s Why and What to Expect appeared first on SecurityWeek.
From the SOC to Everyday Success: Data-Driven Life Lessons from a Security Analyst
By taking a data-driven approach to life, grounded in truth and facts, we can improve our chances of making better decisions and achieving better results.
The post From the SOC to Everyday Success: Data-Driven Life Lessons from a Security Analyst appeared first on SecurityWeek.
Cisco Patches NX-OS Zero-Day Exploited by Chinese Cyberspies
Cisco has patched an NX-OS command injection zero-day exploited by China-linked cyberespionage group Velvet Ant.
The post Cisco Patches NX-OS Zero-Day Exploited by Chinese Cyberspies appeared first on SecurityWeek.
Critical Flaw in PTC License Server Can Allow Lateral Movement in Industrial Organizations
PTC has patched a critical vulnerability in the Creo Elements/Direct License Server that can be exploited for unauthenticated command execution.
The post Critical Flaw in PTC License Server Can Allow Lateral Movement in Industrial Organizations appeared first on SecurityWeek.
PortSwigger Scores Hefty $112 Million Investment
The British company behind the popular Burp Suite pen-test utilities has banked a massive $112 million investment from Brighton Park Capital.
The post PortSwigger Scores Hefty $112 Million Investment appeared first on SecurityWeek.
HubSpot Warns of Ongoing Cyberattacks Targeting Customer Accounts
HubSpot is “actively investigating and blocking attempts” to hack into customer accounts but some targets have already been compromised.
The post HubSpot Warns of Ongoing Cyberattacks Targeting Customer Accounts appeared first on SecurityWeek.
