'

Defense contractor Belcan leaks admin password with a list of flaws

Defense contractor Belcan leaks admin password with a list of flaws

US Government and defense contractor Belcan left its super admin credentials open to the public, Cybernews research team reveals. Belcan is a government, defense, and aerospace contractor offering global design, software, manufacturing, supply chain, information technology, and digital engineering solutions. The company, with reported revenue of $950 million in 2022, is a trusted strategic partner … Read more

Akira ransomware gang spotted targeting Cisco VPN products to hack organizations

Akira ransomware gang spotted targeting Cisco VPN products to hack organizations

The Akira ransomware gang targets Cisco VPN products to gain initial access to corporate networks and steal their data. The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate. Like other ransomware gangs, the … Read more

Tourists Give Themselves Away by Looking Up. So Do Most Network Intruders.

Tourists Give Themselves Away by Looking Up. So Do Most Network Intruders.

In large metropolitan areas, tourists are often easy to spot because they’re far more inclined than locals to gaze upward at the surrounding skyscrapers. Security experts say this same tourist dynamic is a dead giveaway in virtually all computer intrusions that lead to devastating attacks like data theft and ransomware, and that more organizations should … Read more

90% of Consumers Worry Cybersecurity’s Future Is in Jeopardy if Students Aren’t Exposed to the Field at an Earlier Age

90% of Consumers Worry Cybersecurity’s Future Is in Jeopardy if Students Aren’t Exposed to the Field at an Earlier Age

New research released today from ThreatX, the leading API and application protection platform, reveals that consumers believe today’s cybersecurity talent shortage is in large part due to limited exposure to the profession and a lack of cybersecurity education and training at a younger age within school systems. 90% of consumers polled say they have concerns … Read more

Aston University partners with ISACA to offer credentials in cybersecurity and risk management to graduates

Aston University partners with ISACA to offer credentials in cybersecurity and  risk management to graduates

ISACA announces a strategic partnership with the Cyber Security Innovation (CSI) Centre at Aston University to provide the next generation of professionals with globally recognised qualifications in cybersecurity.    Aston Business School is one of the 1% of schools in the world bearing a triple crown of accreditations, including AMBA, AACSB, and EQUIS. It is … Read more

eSentire introduces LLM Gateway to help businesses secure generative AI

eSentire introduces LLM Gateway to help businesses secure generative AI

Managed detection and response (MDR) vendor eSentire has announced the availability of LLM Gateway, an open-source framework to help security teams improve their governance and monitoring of generative AI and large language models (LLMs). Originally developed for internal purposes, the gateway prototype is now freely accessible on GitHub. It is the first project from eSentire … Read more

Cato Networks: Challenger in Gartner Magic Quadrant for Single-Vendor SASE

Cato Networks: Challenger in Gartner Magic Quadrant for Single-Vendor SASE

Cato Networks has announced today that Gartner, Inc. has recognised the company as a Challenger in the Gartner® Magic Quadrant for Single-Vendor SASE. “We are SASE. Four years before SASE was even defined, Cato was founded on the vision of converging networking and security into single, global, cloud service,” said Shlomo Kramer, co-founder and CEO … Read more

Customer-configured rules now the biggest contributor to mitigated traffic

Customer-configured rules now the biggest contributor to mitigated traffic

Customer-configured rules are now the biggest contributor to mitigated traffic as organizations adopt web application firewalls (WAFs) and improve at configuring/locking down their applications. That’s according to Cloudflare’s Application Security Report: Q2 2023, based on HTTP traffic observed by the firm between April and June. The research also found that CVEs dating back almost a … Read more

10 benefits of security performance metrics for CISOs

10 benefits of security performance metrics for CISOs

Measuring security performance may not sound like the most exciting exercise on the CISO’s agenda, but the right metrics can deliver significant value to security leaders and go a long way to helping them tackle a diverse set of challenges. The intersection of modern security and business means there are multiple metrics that CISOs can … Read more

Balancing risk and compliance: implications of the SEC’s new cybersecurity regulations

Balancing risk and compliance: implications of the SEC’s new cybersecurity regulations

Corporate cybersecurity is becoming a non-negotiable priority. How companies prepare for and defend themselves against cyber intrusions has profound implications for their operations, reputation, and bottom line. Companies have historically underestimated the magnitude of cybersecurity risks, and in the view of the US Security and Exchange Commission (SEC), they have consistently underreported material losses caused … Read more

CISA adds critical Adobe ColdFusion flaw to its Known Exploited Vulnerabilities catalog

CISA adds critical Adobe ColdFusion flaw to its Known Exploited Vulnerabilities catalog

US CISA added critical vulnerability CVE-2023-26359 in Adobe ColdFusion to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added a critical flaw CVE-2023-26359 (CVSS score 9.8) affecting Adobe ColdFusion to its Known Exploited Vulnerabilities Catalog. Adobe fixed the critical flaw in March 2023, it is a deserialization of untrusted data issue in Adobe ColdFusion that can … Read more