Recent Security News
-
Copy that? Xerox confirms ‘security incident’ at subsidiary
January 3, 2024 at 08:23AM Xerox has confirmed a cybersecurity breach at its US subsidiary, XBS, following claims by INC Ransom of data exfiltration. The attack potentially compromised personal information, and Xerox is working with cybersecurity experts to investigate. The group behind the attack, INC Ransom, is known for indiscriminate targeting and previously threatened Xerox…
-
CISA warns of actively exploited bugs in Chrome and Excel parsing library
January 3, 2024 at 07:58AM The U.S. Cybersecurity and Infrastructure Security Agency has added two vulnerabilities to its Known Exploited Vulnerabilities catalog. The first vulnerability, CVE-2023-7101, affects the Spreadsheet::ParseExcel library, allowing remote code execution. The second vulnerability, CVE-2023-7024, is a heap buffer overflow issue in WebRTC in Google Chrome. Federal agencies have until January 23…
-
21 New Mac Malware Families Emerged in 2023
January 3, 2024 at 07:42AM In 2023, 21 new malware families targeting macOS systems were discovered by security researcher Patrick Wardle, representing a 50% increase from 2022. Wardle’s blog post provides detailed analysis of each family’s characteristics and their potential impact on Apple devices. Notable threats include ransomware, infostealers, APT-developed malware, and variations of existing…
-
Xerox Confirms Data Breach at US Subsidiary Following Ransomware Attack
January 3, 2024 at 06:18AM Xerox Business Solutions experienced a data breach limited to its US operations, containing personal information. The company will notify affected individuals but hasn’t confirmed the impact on clients, employees, or partners. The ransomware gang Inc Ransom claimed responsibility, posting stolen documents on a leak site, which Xerox might have prevented…
-
5 Ways to Reduce SaaS Security Risks
January 3, 2024 at 06:18AM As technology adoption becomes more employee-driven and from any location or device, IT and security teams face challenges in managing the expanding SaaS attack surface. CrowdStrike’s report indicates that compromised identities are a leading cause of breaches. Nudge Security offers solutions including real-time SaaS discovery and monitoring, managing OAuth risks,…