Recent Security News
-
SimSpace Scores $45 Million Investment to Expand Cyber Range Tech Markets
December 20, 2023 at 03:09PM Cyber-range training startup SimSpace raised $45 million in new funding, making it a total of $70 million raised. With its “Cyber Force Platform,” the company aims to expand into new global markets and provide technology for organizations to conduct secure and scalable cyber simulations. SimSpace has gained traction with Fortune…
-
Physical Access Systems Open Cyber Door to IT Networks
December 20, 2023 at 02:50PM Otorio researchers demonstrated at Black Hack Europe 2023 how attackers can exploit access control systems installed on secure facility doors to gain unauthorized building access and breach internal IP networks. They highlighted vulnerabilities in modern physical access control systems (PACSs), particularly those using the Open Supervised Device Protocol (OSDP), urging…
-
Ivanti releases patches for 13 critical Avalanche RCE flaws
December 20, 2023 at 01:10PM Ivanti released security updates fixing 13 critical vulnerabilities in their Avalanche enterprise mobile device management (MDM) solution. The flaws relate to buffer overflows. Unauthenticated attackers could exploit them for remote code execution. All issues were resolved in Avalanche v6.4.2.313. CISA and NCSC-NO have expressed concern about potential widespread exploitation in…
-
Iranian ‘Seedworm’ Cyber Spies Target African Telcos & ISPs
December 20, 2023 at 12:33PM Iran-backed cyberespionage group, Seedworm, is targeting telecommunication organizations in North and East Africa, using tools like PowerShell, SimpleHelp, and Venom Proxy. Seedworm has been active since 2017 and previously linked to Iran’s MOIS. This group typically relies on spear-phishing emails containing various legitimate remote administration tools. Seedworm’s targets include government…