Recent Security News

  • US Navy sailor admits selling secret military blueprints to China for $15K

    October 11, 2023 at 03:46PM A US Navy service member, Petty Officer Wenheng Zhao, pleaded guilty to receiving bribes from a Chinese spymaster in exchange for passing on American military secrets. Zhao, who worked at Naval Base Ventura County, faces up to 20 years in prison for conspiring with the Chinese intelligence officer and receiving…

    Read More

  • Microsoft: Chinese APT Behind Atlassian Confluence Attacks; PoCs Appear

    October 11, 2023 at 03:40PM China-sponsored APT Storm-0062 is responsible for exploiting a critical bug in Atlassian Confluence Server, according to Microsoft. Proof-of-concept exploits are now available, indicating potential mass exploitation. The vulnerability (CVE-2023-22515) allows remote code execution without authentication. Microsoft identified four IP addresses associated with the exploit and warned of the creation of…

    Read More

  • Cloud Security Demand Drives Better Cyber-Firm Valuations — and Deals

    October 11, 2023 at 02:52PM The third quarter of 2023 saw significant M&A activity in the cybersecurity industry, with Cisco’s $28 billion acquisition of Splunk leading the way. Other major players, including CrowdStrike and Check Point, also made strategic purchases to expand their offerings. Venture funding in the sector picked up after a slow start…

    Read More

  • Microsoft Defender now auto-isolates compromised accounts

    October 11, 2023 at 02:46PM Microsoft Defender for Endpoint now has a new feature called ‘contain user’ in public preview that helps prevent lateral movement in hands-on-keyboard attacks. It isolates compromised user accounts to disrupt attacks and prevent malicious actions such as credential theft and data exfiltration. The feature has been effective in protecting thousands…

    Read More

  • Adobe Acrobat Reader Vuln Now Under Attack

    October 11, 2023 at 02:20PM The Cybersecurity Infrastructure & Security Agency (CISA) has added an Adobe Acrobat Reader bug to its list of exploited vulnerabilities. The bug (CVE-2023-21608) exists in multiple versions of Adobe Acrobat and Reader and allows remote execution of malicious code. CISA advises users to update their software, which was patched in…

    Read More