Recent Security News
-
Industrial Defender Risk Signal, a Risk-Based Vulnerability Management Solution for OT Security
January 4, 2024 at 05:40PM Industrial Defender has launched the Industrial Defender Risk Signal, a risk-based vulnerability management (RBVM) solution tailored for industrial environments. The solution significantly reduces vulnerability lists, integrates threat intelligence, and allows customizable risk tolerance. Industrial Defender is a trusted provider of OT asset data and cybersecurity solutions with a mission to…
-
Ivanti warns critical EPM bug lets hackers hijack enrolled devices
January 4, 2024 at 04:46PM Ivanti resolved a critical remote code execution (RCE) vulnerability in its Endpoint Management software (EPM), impacting all supported versions. Attackers on internal networks can exploit the flaw without requiring privileges or user interaction. Ivanti has prevented public access to full details on the vulnerability, aiming to provide customers with time…
-
Apache ERP Zero-Day Underscores Dangers of Incomplete Patches
January 4, 2024 at 04:08PM An unknown group has targeted a zero-day vulnerability in Apache’s OfBiz enterprise resource planning framework, allowing attackers to access sensitive information and remotely execute code. The incident underscores the importance of thorough patch analysis, as attackers often find ways to bypass software fixes. Similar patch failures have been seen with…
-
Airbus Looks to Acquire Atos Cybersecurity Unit for Nearly $2 Billion
January 4, 2024 at 04:00PM Airbus and Atos are in initial talks for Airbus to potentially acquire Atos’ Big Data and Security (BDS) business for a valuation of €1.5 to 1.8 billion. The offer is nonbinding, and discussions are ongoing. This potential sale reflects the growing need for specialized aviation cybersecurity solutions, with new regulations…
-
X marks the spot: Mandiant restores hijacked Twitter account after attempted crypto heist
January 4, 2024 at 03:11PM On Wednesday, miscreants seized control of security firm Mandiant’s Twitter account to attempt cryptocurrency theft. After being renamed as a phony crypto wallet service account, the hijackers lured users to a fraudulent website for free tokens, prompting concerns of financial losses. The incident highlights Twitter’s ongoing security concerns and risks…