Recent Security News

  • Curl Bug Hype Fizzles After Patching Reveal

    October 11, 2023 at 04:24PM The cybersecurity community anxiously awaited the disclosure of two security flaws in the open source proxy resolution tool, Curl. However, after patches and bug details were unveiled, neither vulnerability lived up to the hype. The first flaw could allow data corruption or remote code execution, but it only affects a…

    Read More

  • US Navy sailor admits selling secret military blueprints to China for $15K

    October 11, 2023 at 03:46PM A US Navy service member, Petty Officer Wenheng Zhao, pleaded guilty to receiving bribes from a Chinese spymaster in exchange for passing on American military secrets. Zhao, who worked at Naval Base Ventura County, faces up to 20 years in prison for conspiring with the Chinese intelligence officer and receiving…

    Read More

  • Microsoft: Chinese APT Behind Atlassian Confluence Attacks; PoCs Appear

    October 11, 2023 at 03:40PM China-sponsored APT Storm-0062 is responsible for exploiting a critical bug in Atlassian Confluence Server, according to Microsoft. Proof-of-concept exploits are now available, indicating potential mass exploitation. The vulnerability (CVE-2023-22515) allows remote code execution without authentication. Microsoft identified four IP addresses associated with the exploit and warned of the creation of…

    Read More

  • Cloud Security Demand Drives Better Cyber-Firm Valuations — and Deals

    October 11, 2023 at 02:52PM The third quarter of 2023 saw significant M&A activity in the cybersecurity industry, with Cisco’s $28 billion acquisition of Splunk leading the way. Other major players, including CrowdStrike and Check Point, also made strategic purchases to expand their offerings. Venture funding in the sector picked up after a slow start…

    Read More

  • Microsoft Defender now auto-isolates compromised accounts

    October 11, 2023 at 02:46PM Microsoft Defender for Endpoint now has a new feature called ‘contain user’ in public preview that helps prevent lateral movement in hands-on-keyboard attacks. It isolates compromised user accounts to disrupt attacks and prevent malicious actions such as credential theft and data exfiltration. The feature has been effective in protecting thousands…

    Read More