The Log4j vulnerability exists in unpatched versions of Ubiquiti's UniFi Network applications, and is being actively targeted by attackers via a customized exploit, researchers at security firm Morphisec warn. While updates are available, systems remain at risk until patched.
The House Oversight and Reform Committee today advanced its version of the Federal Information Security Modernization Act of 2022, which entails cybersecurity updates for federal civilian agencies. The bipartisan measure was sent to the full House on a voice vote.
Learn to understand the gray space in which malicious attack campaigns function in order to get ahead of attackers, and avoid data breaches or negative outcomes for your business.
Organizations today need to rethink how cloud security not only drives stronger predictions, but adds value with ease of use. Learn how you can stop the most evasive attacks automatically with adaptive security.
Democratic lawmakers outlined several provisions of the proposed America COMPETES Act, a measure to counter anti-competitive actions taken by China. Crypto advocates were quick to criticize one measure they say could have caused privacy and due process concerns. The language has now been amended.
In a report published Monday, Symantec's Threat Hunter Team outlines a specific Russian cyberespionage campaign conducted on a Ukrainian network in 2021 - which comes as Russia has amassed 100,000 or more troops at Ukraine's eastern border while it reportedly mulls invasion
Change is afoot at Trellix, which is the new name of the cybersecurity software business formed from the merger of McAfee Enterprise and FireEye. CEO Bryan Palma says the extended detection and response - aka XDR - software imperative for his customers is to do more, but with fewer suppliers and management overhead.
In the first of a planned series of articles looking at strategies that have helped her and her teams over the years to not just survive a stressful environment, but thrive in it, cybersecurity executive and CyberEdBoard executive member Kerissa Varma offers this: Be a human, not a terminator.
The decentralized money market platform Qubit Finance, which runs on the Binance Smart Chain, has been hacked for more than $80 million, it confirmed via tweet on Friday. Blockchain security experts say it's the largest DeFi hack of 2022.
Attack scans and attempts related to the Log4j flaw may have declined, but some security experts believe the attack vectors will continue to pose a problem up to two years. Also, the Ukraine Computer Emergency Response Team reports Log4j could be a possible attack vector in recent cyberattacks.
A new malware dubbed DazzleSpy has been found targeting macOS users in Hong Kong. The malware is being planted through pro-democracy radio station D100's news website, which was earlier compromised through a watering hole campaign, researchers from cybersecurity firm ESET report.
A memory corruption vulnerability has been uncovered in Polkit’s pkexec, a SUID root program that is installed by default on every major Linux distribution, allowing any unprivileged user to gain root privileges on the vulnerable host.
As ransomware threats continue to grow in 2022, cyber insurance companies have clearly stated that they do not want to talk about the "cyber" part of insurance, says Sri Lanka-based Sujit Christy, group CISO at John Keells Holdings PLC.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.