Microsoft and Google are throwing their weight behind a new Linux Foundation OpenSSF initiative to address major security gaps in the open-source software ecosystem.
OpenSSF Alpha-Omega Project Tackles Supply Chain Security
Two Dozen UEFI Vulnerabilities Impact Millions of Devices From Major Vendors
Researchers at firmware security company Binarly have identified nearly two dozen vulnerabilities in UEFI firmware code used by the world’s largest device makers.
British Council Student Data Found in Unprotected Database
The information of many British Council students was recently exposed online in an unprotected repository.
A world leading education institution, British Council operates in over 100 countries worldwide. In 2019 and 2020, it connected directly with roughly 80 million people, and with over 790 million overall.
Germany: 2 Oil Storage and Supply Firms Hit by Cyberattack
Two companies involved in storing and supplying oil and other materials said Tuesday they have been hit by a cyberattack that has impacted operations in Germany.
Iranian Hackers Using New PowerShell Backdoor Linked to Memento Ransomware
Attacks from the Iranian Phosphorus APT (aka Charming Kitten, APT35) are well documented. Now a new set of tools incorporated into the group’s arsenal, and a connection with the Memento ransomware, have been discovered.
Critical Flaw Impacts WordPress Plugin With 1 Million Installations
Over one million WordPress websites might have been impacted by a critical vulnerability in the Essential Addons for Elementor plugin.
Essential Addons for Elementor provides WordPress site admins with more than 80 elements and extensions to help them easily design WordPress pages and posts.
Cybersecurity M&A Roundup: 31 Deals Announced in January 2022
More than 30 cybersecurity-related mergers and acquisitions were announced in January 2022.
CISA Adds Recent iOS, SonicWall Vulnerabilities to ‘Must Patch’ List
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week announced the addition of eight more vulnerabilities to the list of security flaws known to be exploited in malicious attacks.
‘White Tur’ Hacking Group Borrows Techniques From Multiple APTs
A newly detailed threat actor has been observed employing various techniques borrowed from multiple advanced persistent threat (APT) actors, PwC’s cyber threat intelligence team reports.
