CVE-2024-0394: Rapid7 Minerva Armor Privilege Escalation (FIXED)

Rapid7 is disclosing CVE-2024-0394, a privilege escalation vulnerability in Rapid7 Minerva’s Armor product family. Minerva uses the open-source OpenSSL library for cryptographic functions and to support secure communications. The root cause of this vulnerability is Minerva’s implementation of OpenSSL’s OPENSSLDIR …

Cyberthreats in the transportation industry

Transportation is a key economic sector. It spans a multitude of diverse companies engaged in logistics, urban transit, land and air cargo and passenger conveyance, and other activities. The transportation system performs critical functions that support nationwide objectives by connecting …

The impact of compromised backups on ransomware outcomes

There are two main ways to recover encrypted data in a ransomware attack: restoring from backups and paying the ransom. Compromising an organization’s backups enables adversaries to restrict their victim’s ability to recover encrypted data and dial up the pressure to …

Pakistan: Government establishes National CERT to counter cyber attacks

The federal government announced on Tuesday the formation of a National Computer Emergency Response Team (CERT). This initiative aims to fortify the country’s defenses against the growing threat of cyber attacks, providing essential awareness and protection measures to safeguard digital …

Secure by Design Alert: Eliminating SQL Injection Vulnerabilities in Software

SQL injection – or SQLi – vulnerabilities remain a persistent class of defect in commercial software products. Despite widespread knowledge and documentation of SQLi vulnerabilities over the past two decades, along with the availability of effective mitigations, software manufacturers have …

UN General Assembly adopts landmark resolution on artificial intelligence

The UN General Assembly on Thursday adopted a landmark resolution on the promotion of “safe, secure and trustworthy” artificial intelligence (AI) systems that will also benefit sustainable development for all. The Assembly called on all Member States and stakeholders “to …

Patch Ivanti Standalone Sentry and Ivanti Neurons for ITSM now

Ivanti has issued patches for two vulnerabilities. One was discovered in the Ivanti Standalone Sentry, which impacts all supported versions 9.17.0, 9.18.0, and 9.19.0. Older versions are also at risk. The other vulnerability impacts all supported versions of Ivanti Neurons …

Ring doorbell owners warned of bank raiding attack as thieves target Brits

Home security gadgets like Ring doorbells are increasingly being targeted by cyber crooks and their nasty phishing campaigns. Cybersecurity experts at Trustwave have warned Ring customers – and owners of similar gadgets from other brands – that home security tech is …

China’s MSS publicizes typical case to remind public of overseas cyber ransom attacks

China’s national security authorities publicized on Thursday a typical case of cyber ransom attacks to help raise public awareness over online blackmail and attacks from overseas, which not only affects social stability and economic development but also threatens China’s national …

Mandatory cyber requirements after Change Healthcare attack opposed by health sector

The American Hospital Association has opposed mandatory cybersecurity requirements proposed for the healthcare sector following the ransomware attack against Change Healthcare, which has resulted in widespread prescription processing outages across the U.S. “Imposing fines or cutting Medicare payments would diminish …