Recent Security News
-
Ongoing Azure Cloud Account Takeover Campaign Targeting Senior Personnel
February 12, 2024 at 11:21AM A cloud account takeover campaign has affected numerous Azure environments and compromised many user accounts. The campaign specifically targets senior personnel. This ongoing threat is a significant security concern within the Azure cloud environment, as reported by SecurityWeek. Based on the meeting notes, it appears that there has been a…
-
Free Rhysida ransomware decryptor for Windows exploits RNG flaw
February 12, 2024 at 10:48AM South Korean researchers discovered and publicly disclosed a flaw in Rhysida ransomware, enabling the creation of a free Windows decryptor. This ransomware is known for targeting healthcare organizations and was the subject of a warning by the FBI and CISA for attacks against various industries. The flaw allowed for the…
-
It’s Time to Rethink Third-Party Risk Assessment
February 12, 2024 at 10:06AM Regularly re-evaluating third-party risk assessments enhances security and prevents potential headline-grabbing incidents for your company. The key takeaway from the meeting notes is that continuously evaluating and updating third-party risk assessment is crucial for improving security posture and avoiding headline-making incidents for the company. Full Article
-
Fortinet, Ivanti Keep Customers Busy With Yet More Critical Bugs
February 12, 2024 at 09:08AM Recent critical security issues continue to emerge from both vendors, with a brand-new vulnerability being exploited in the wild. This adds to the existing stream of security concerns within the platforms. It sounds like the meeting notes are highlighting brand-new vulnerabilities from both vendors, with at least one being exploited…
-
ExpressVPN User Data Exposed Due to Bug
February 12, 2024 at 09:03AM ExpressVPN disabled split tunneling on Windows due to improperly directed DNS requests, which led to user data exposure. This issue was highlighted in a post on SecurityWeek. Based on the given meeting notes, it appears that ExpressVPN disabled split tunneling on Windows due to DNS requests not being properly directed.…