Recent Security News
-
US Gov Publishes Cybersecurity Guidance for Water and Wastewater Utilities
January 19, 2024 at 06:54AM The US government released new guidance for the water and wastewater sector to improve cyber resilience and incident response capabilities. The document, developed by CISA, the FBI, and the EPA, outlines federal roles and resources, encourages incident reporting, and emphasizes interaction with local cyber communities. It aims to mitigate escalating…
-
Preventing Data Loss: Backup and Recovery Strategies for Exchange Server Administrators
January 19, 2024 at 06:33AM Summary: The article highlights the rising significance of data in the digital world, particularly in on-premises Exchange Server environments. It elaborates on the evolving threats of data loss, the changing role of administrators, and crucial backup and recovery strategies to prevent permanent data loss. The consequences of data loss and…
-
Nigerian Law Enforcement Agency Advised to Retrain African Cybercriminals
January 19, 2024 at 06:16AM Nigerian cybersecurity expert Chidiebere Ihediwa suggested retraining online scammers as information technology specialists to benefit the country. He highlighted that redirecting their knowledge to legitimate tech roles for educated young men among the fraudsters could be more advantageous than letting them sit in jail. This strategy aims to utilize their…
-
Ivanti EPMM Vulnerability Targeted in Attacks as Exploitation of VPN Flaws Increases
January 19, 2024 at 06:12AM The US security agency CISA warns of increasing exploitation of two Ivanti Connect Secure VPN vulnerabilities by a Chinese cyberespionage group, compromising over 2,100 devices belonging to various organizations. Additionally, a separate Ivanti product flaw is being exploited. Patches have been released with mitigations, but widespread exploitation continues, including new…
-
VMware vCenter Server Vulnerability Exploited in WildÂ
January 19, 2024 at 06:12AM VMware warns of CVE-2023-34048, a critical vCenter Server vulnerability exploited in the wild. The issue, an out-of-bounds write problem related to DCERPC protocol implementation, allows remote code execution with network access. VMware released patches in October, even for end-of-life versions. The exploitation has been confirmed, with potentially hundreds of exposed…