'

Diligere, Equity-Invest Are New Firms of U.K. Con Man

Diligere, Equity-Invest Are New Firms of U.K. Con Man

John Clifton Davies, a convicted fraudster estimated to have bilked dozens of technology startups out of more than $30 million through phony investment schemes, has a brand new pair of scam companies that are busy dashing startup dreams: A fake investment firm called Equity-Invest[.]ch, and Diligere[.]co.uk, a scam due diligence company that Equity-Invest insists all … Read more

Ongoing Xurum attacks target Magento 2 e-stores

Ongoing Xurum attacks target Magento 2 e-stores

Experts warn of ongoing attacks, dubbed Xurum, targeting e-commerce websites using Adobe’s Magento 2 CMS. Akamai researchers warn of ongoing attacks, dubbed Xurum, targeting e-commerce websites running the Magento 2 CMS. The attackers are actively exploiting a server-side template injection issue, tracked as CVE-2022-24086, (CVSS score: 9.8), in Adobe Commerce and Magento Open Source. The … Read more

Colorado HCPF Department notifies 4 million individuals after IBM MOVEit breach

Colorado HCPF Department notifies 4 million individuals after IBM MOVEit breach

The Colorado Department of Health Care Policy & Financing (HCPF) disclose a data breach after MOVEit attack on IBM. The Colorado Department of Health Care Policy & Financing (HCPF) disclosed a data breach that impacted more than four million individuals. The incident is the result of a MOVEit attack on IBM, threat actors accessed the … Read more

Verimatrix Introduces New Website Security Integration

Verimatrix Introduces New Website Security Integration

Verimatrix has recently announced the introduction of a novel website security solution, Verimatrix XTD Web Protect powered by Reflectiz. This unveiling took place during the Black Hat USA event last week. The development of these website-oriented security services has been made possible through a strategic collaboration with Reflectiz, a renowned cybersecurity firm. These services will … Read more

Effectively upskilling cybersecurity professionals to help close the skills gap

Effectively upskilling cybersecurity professionals to help close the skills gap

Globally, there are more cyberthreats than ever and a surge in attacks on operational technology (OT), including the proliferation of new ransomware variations and the ascent of Malware-as-a-Service (MaaS). These developments have caused many firms to place a higher premium on narrowing the cybersecurity skills gap within their own IT teams. Leaders are looking not only at … Read more

Experts found multiple flaws in AudioCodes desk phones and Zoom’s Zero Touch Provisioning (ZTP)

Experts found multiple flaws in AudioCodes desk phones and Zoom’s Zero Touch Provisioning (ZTP)

Multiple flaws in AudioCodes desk phones and Zoom’s Zero Touch Provisioning (ZTP) can expose to several attacks. Researchers from security firm SySS discovered multiple vulnerabilities in AudioCodes desk phones and Zoom’s Zero Touch Provisioning (ZTP) that could be exploited by an attacker to conduct several attacks. The experts presented their findings at the Black Hat USA security … Read more

Quest Software Update

Quest Software Update

Quest Software, a systems management, data protection and security software, company, has announced what it calls its latest breakthrough in data management with the launch of erwin Data Modeler by Quest 12.5. Boasting cutting-edge features that enhance data quality, governance, and stakeholder collaboration, erwin Data Modeler 12.5 drives organisations towards data democratisation, facilitating strategic efforts … Read more

10 passwordless authentication solutions

10 passwordless authentication solutions

Passwords have long been the standard for authentication in computing systems, but they have been proven weak again and again by brute force or dictionary attacks, or their susceptibility to being compromised through increasingly sophisticated phishing campaigns. Passwordless–one of those buzzwords that leaves no doubt as to the meaning behind the term–is one of the … Read more

Nine flaws in CyberPower and Dataprobe solutions expose data centers to hacking

Nine flaws in CyberPower and Dataprobe solutions expose data centers to hacking

Multiple vulnerabilities in CyberPower PowerPanel Enterprise DCIM platform and Dataprobe PDU could expose data centers to hacking. Researchers from Trellix Advanced Research Center discovered multiple vulnerabilities impacting CyberPower’s PowerPanel Enterprise Data Center Infrastructure Management (DCIM) platform and Dataprobe’s iBoot Power Distribution Unit (PDU). An attacker could exploit to gain unauthenticated access to these systems and … Read more