Lohrman on Security
JUNE 9, 2024
Over the past month, the Verizon Data Breach Investigation Report and the Watchguard Technologies Internet Security Report were released. Here are some highlights.
Bleeping Computer
JUNE 9, 2024
A group of Israeli researchers explored the security of the Visual Studio Code marketplace and managed to "infect" over 100 organizations by trojanizing a copy of the popular 'Dracula Official theme to include risky code. Further research into the VSCode Marketplace found thousands of extensions with millions of installs. [.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Penetration Testing
JUNE 9, 2024
Redfox Security has uncovered a series of critical vulnerabilities in the popular Netgear WNR614 N300 router, exposing users to significant security risks. The vulnerabilities, ranging from authentication bypass to password policy circumvention and insecure... The post Multiple Critical Vulnerabilities Discovered in Netgear WNR614 Router, No Patch Available appeared first on Cybersecurity News.
Bleeping Computer
JUNE 9, 2024
A group of Israeli researchers explored the security of the Visual Studio Code marketplace and managed to "infect" over 100 organizations by trojanizing a copy of the popular 'Dracula Official theme to include risky code. Further research into the VSCode Marketplace found thousands of extensions with millions of installs. [.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Security Affairs
JUNE 9, 2024
A new PHP for Windows remote code execution (RCE) flaw affects version 5.x and earlier versions, potentially impacting millions of servers worldwide. Researchers at cybersecurity firm DEVCORE discovered a critical remote code execution (RCE) vulnerability , tracked as CVE-2024-4577, in the PHP programming language. An unauthenticated attacker can exploit the flaw to take full control of affected servers.
Bleeping Computer
JUNE 9, 2024
Brave browser experienced its most significant growth month ever in May 2024, now used by more than 78.95 million monthly users, up 7.3%. [.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
The Hacker News
JUNE 9, 2024
Cybersecurity researchers have disclosed details of a threat actor known as Sticky Werewolf that has been linked to cyber attacks targeting entities in Russia and Belarus.
Penetration Testing
JUNE 9, 2024
A security researcher has published a proof-of-concept (PoC) exploit code targeting a recent important severity vulnerability (CVE-2024-30043) in Microsoft SharePoint Server. Rated with a CVSS score of 6.5, this vulnerability exposes sensitive information and... The post Poc Exploit Releases for Microsoft SharePoint Information Disclosure Flaw (CVE-2024-30043) appeared first on Cybersecurity News.
Security Affairs
JUNE 9, 2024
Frontier Communications is notifying over 750,000 individuals that their personal information was stolen in a recent cyber attack. Last week, the RansomHub ransomware group claimed to have stolen the information of over 2 million customers from the American telecommunications company Frontier Communications. The RansomHub group claimed to have stolen 5GB of data from the telecommunications giant.
Penetration Testing
JUNE 9, 2024
In a recent investigation by cybersecurity researchers Avigayil Mechtinger, Shay Berkovich, and Gili Tikochinski at Wiz Research, a new variant of an ongoing cryptojacking campaign targeting misconfigured Kubernetes clusters has been uncovered. This campaign... The post Evolving Cryptojacking Campaign Targets Misconfigured Kubernetes Clusters appeared first on Cybersecurity News.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Security Boulevard
JUNE 9, 2024
Over the past month, the Verizon Data Breach Investigation Report and the Watchguard Technologies Internet Security Report were released. Here are some highlights. The post The Evolving Cyber Landscape: Insights from 2024 Reports appeared first on Security Boulevard.
Penetration Testing
JUNE 9, 2024
A critical vulnerability, identified as CVE-2024-23692, has been discovered in Rejetto HTTP File Server (HFS) versions 2.x, posing a significant risk to organizations and individuals utilizing this software for file sharing. The vulnerability, assigned... The post CVE-2024-23692: Unauthenticated RCE Flaw in Rejetto HTTP File Server, PoC Published appeared first on Cybersecurity News.
Security Boulevard
JUNE 9, 2024
Authors/Presenters:Yuhang Zhao, Yaxing Yao, Jiaru Fu, Nihan Zhou Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott ; and via the organizations YouTube channel. Permalink The post USENIX Security ’23 – “If Sighted People Know, I Should Be Able To Know:” Privacy Perceptions Of Bystanders With Visual Impairm
Penetration Testing
JUNE 9, 2024
Morphisec Labs has identified a surge in cyber activity associated with the Sticky Werewolf group, a threat actor with suspected geopolitical or hacktivist ties. This elusive group, first detected in April 2023, has expanded... The post Sticky Werewolf Targets Aviation Sector in Latest Malicious Campaign appeared first on Cybersecurity News.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
Security Boulevard
JUNE 9, 2024
In episode 333 of the Shared Security Podcast, Tom and Scott discuss a recent massive data breach at Ticketmaster involving the data of 560 million customers, the blame game between Ticketmaster and third-party provider Snowflake, and the implications for both companies. Additionally, they discuss Live Nation’s ongoing monopoly investigation. In the ‘Aware Much’ segment, the […] The post Ticketmaster Data Breach and Rising Work from Home Scams appeared first on Shared Security Podcast.
Penetration Testing
JUNE 9, 2024
FortiGuard Labs has recently identified a new phishing campaign deploying a variant of the notorious Agent Tesla malware, specifically targeting Spanish-speaking users. Agent Tesla, a well-known Remote Access Trojan (RAT), has been active for... The post New Agent Tesla Campaign Targets Spanish-Speaking Users appeared first on Cybersecurity News.
Security Boulevard
JUNE 9, 2024
Seccomp in a nutshell Seccomp, short for Secure Computing Mode, is a security feature in the Linux kernel The post Seccomp for Kubernetes workloads appeared first on ARMO. The post Seccomp for Kubernetes workloads appeared first on Security Boulevard.
Expert insights. Personalized for you.
232 
Let's personalize your content