Recent Security News
-
How to Scan Your Environment for Vulnerable Versions of Curl
October 12, 2023 at 09:59AM The recently fixed vulnerabilities in the command-line tool curl and the libcurl library require security teams to identify and remediate impacted systems. The vulnerabilities can only be exploited under specific conditions. Organizations should scan their environment using software analysis tools to assess which systems are using curl and libcurl. Additionally,…
-
Uber’s Ex-CISO Appeals Conviction Over 2016 Data Breach
October 12, 2023 at 09:59AM Former Uber CISO Joseph Sullivan’s lawyers have argued in an appeal that his conviction for charges related to a 2016 data breach should not stand as it threatens bug bounty programs. They describe the verdict as “profoundly flawed” and claim that it jeopardizes the valuable tool used by security teams…
-
New California Delete Act Tightens Rules for Data Brokers
October 12, 2023 at 09:59AM California Governor Gavin Newsom signed a bill into law that defines the responsibilities and processes of data brokers. The law requires businesses in California to meet new procedures to protect consumers’ personal privacy. The California Privacy Protection Agency will now enforce data broker obligations. Data brokers must register with the…
-
Reasonable Valuations Drove Mergers and Acquisition Activity in Q3, 2023
October 12, 2023 at 09:59AM In Q3 2023, Cisco’s acquisition of Splunk for $28 billion was a major highlight in the cybersecurity industry. Other vendors made strategic purchases to position themselves in emerging security segments. The quarter also saw a revival in IPO activity and an increase in venture funding. The security segments experiencing the…
-
Everest cybercriminals offer corporate insiders cold, hard cash for remote access
October 12, 2023 at 09:57AM The Everest ransomware group is seeking to recruit corporate insiders to gain access to corporate networks directly. The group is offering a percentage of the profits from successful attacks to those who assist in the initial intrusion, promising transparency and confidentiality. Everest is specifically targeting organizations in the US, Canada,…