Apple on Wednesday rolled out emergency patches for a pair of already exploited zero-day vulnerabilities in its flagship macOS and iOS platforms.
Apple confirmed in-the-wild exploitation of the vulnerabilities in separate advisories warning about code execution flaws in fully patched iPhone, iPad and macOS devices.
Trend Micro’s Zero Day Initiative, a major player in the vulnerability disclosure ecosystem, is ramping up the pressure on software vendors that consistently ship faulty security patches.
Zero Trust has become so prevalent that it has lost some of its stopping power
Microsoft on Monday announced another major disruption of an APT actor believed to be linked to the Russian government, cutting off access to accounts used for pre-attack reconnaissance, phishing, and email harvesting.
Hundreds of companies and organizations showcased their products and services this week at the 2022 edition of the Black Hat conference in Las Vegas.
It’s not if, but when and how often you get attacked
Sophos research for its Active Adversary Playbook 2022 revealed that victims are often attacked by multiple adversaries – usually, in rapid succession but sometimes simultaneously. Further analysis now suggests the aphorism ‘it’s not if, but when you are attacked’ should be expanded with the extension, ‘and how often’.
Enterprise software vendor Twilio (NYSE: TWLO) has been hacked by a relentless threat actor who successfully tricked employees into giving up login credentials that were then used to steal third-party customer data.
Canadian security firm HYAS Infosec has released a new DNS protection tool dubbed HYAS Confront that was designed to provide clear visibility into DNS transactions into production networks.
Texas startup Ghost Security has joined the list of early-stage companies in the API and application security space attracting venture capital funding.
The Austin-based company emerged from stealth this week with $15 million in investments from 468 Capital, DNX Ventures, and Munich Re Ventures.
Workplace productivity software giant Slack on Friday forced password resets for a tiny fraction of its users after the discovery of a security flaw that exposed Slack credentials.
Slack’s security response team alerted users to the issue via email and followed up with a blog post warning about the risk of passwords leaking to a skilled attacker.
Impostazioni privacy
Questo sito utilizza i cookie per migliorare la tua esperienza di navigazione su questo sito.
